[Bug 1064475] Re: crash version is outdated. Needs to import Debian version of the package
Launchpad Bug Tracker
1064475 at bugs.launchpad.net
Mon Nov 19 11:09:11 UTC 2012
This bug was fixed in the package crash - 6.1.0-1ubuntu1
---------------
crash (6.1.0-1ubuntu1) raring; urgency=low
* Merge from Debian unstable (LP: #1064475). Remaining changes:
- debian/patches/01_spu_commands.patch
+ Provides SPU extension support
+ Enable SPU extension only on PPC (using .mk logic)
- debian/rules:
+ Always build extensions and package them.
+ Cleanup for extensions

crash (6.1.0-1) unstable; urgency=low
* Fix for 32-bit SADUMP dumpfiles to correctly check whether a requested
physical address is within the 0-640K backup region. Without the patch,
requested physical addresses that are larger than 32-bits are truncated to
32-bit values, leading to unexpected results.
* Added support for the ELF dumpfile type that is generated by the new
"virsh dump --memory-only" option. The "--memory-only" option uses a new
"dump-guest-memory" QEMU monitor command that creates an ELF kdump vmcore
clone. The "virsh dump" command continues to borrow the "migrate" QEMU
monitor command to create a file that is designed for guest migration, and
not well-suited for a vmcore because it is not designed for random-access
of physical memory. A new "help -r" option has been added to dump the
registers that are stored in per-cpu "QEMU" ELF notes; those notes are
used to distinguish this dumpfile type from regular kdump ELF vmcores.
The patch also combines common functionality between the new format and
the SADUMP format.
* Fix for the "runq" command for kernels that have the CFS scheduler.
Without the patch, a cpu's RT runqueue may incorrectly display "[no tasks
queued]" when in fact there are tasks on its queue.
* In the highly-unlikely event that a pre-Linux 3.5 kernel's log buffer
cannot be read during initialization, display a message indicating
"WARNING: cannot read log_buf contents", and just continue. Without the
patch, a "readmem" error would be displayed and the crash session would be
killed.
* Updated the "net -a" option to support Linux 2.6.9 to 3.6.0. Without the
patch, the option displayed "net: -a option not supported or applicable on
this architecture or kernel".
* Enhanced the "net -a" option to show the struct neighbour address
associated with each line of output.
* Fix for the "runq" command for kernels that are configured with
CONFIG_RT_GROUP_SCHED. Without the patch, tasks contained within an RT
group scheduling entity are not displayed.
* Fix for "crash --version" or "crash -v" to prevent the sourcing of a
.gdbinit file that is located in the current directory.
* Preemptive fix to handle this patch to the x86 devmem_is_allowed()
function that was posted on the Linux Kernel Mailing List here:
https://lkml.org/lkml/2012/8/28/357 If the proposed kernel patch is put into
place, a failed attempt to use /dev/mem when the kernel is configured with
CONFIG_STRICT_DEVMEM will not result in an automatic attempt to use
/proc/kcore. With this crash utility patch, the automatic switch to
/proc/kcore will be attempted regardless of whether the kernel patch is
accepted or not.
* Patch for CVE-2012-3509: libiberty: objalloc_alloc integer overflows
* Fix for Linux 3.0 and later kernels that have been configured with
CONFIG_SLAB, and without CONFIG_NODES_SHIFT (or have set it to 0).
Without the patch, the warning messages "crash: nr_node_ids: symbol does
not exist" and "crash: unable to initialize kmem slab cache subsystem" are
displayed during initialization, and the "kmem -[sS]" options fail with
the message "kmem: kmem cache slab subsystem not available".
* Allow the build procedure to use an alternate compiler by passing "make
CC=<compiler>" to the top-level Makefile.
* Allow the user to append options to the "configure" script that is invoked
by the initial embedded gdb build procedure. The additional options
should be put in a file named "GDBFLAGS.extra" located in the top-level
directory.
* Change for the "ps" command if a task is stopped due to the task being
traced by another task. Without the patch, the traced task is shown with
the "ST" (stopped) status; with the patch it will be shown with a "TR"
(traced) status.
* The "TR" state has been added to the "foreach" command's list of task
state qualifiers. Without the patch, there is no way to filter out tasks
that are stopped due to being traced by another task.
* Fix for passing a "gdb" command to a crash session via a pipe if there
are any spaces preceding the "gdb" command name in the string. Without
the patch, the command will fail with the error message "gdb: gdb request
failed: <truncated input-string>".
* Preparation for the future S390/S390X structure name change from
"_lowcore" to "lowcore". The patch checks which structure is defined and
uses the correct name.
* Replaced datatype_info() calls in do_radix_tree() and do_rdtree() with
preferred MEMBER_SIZE() macro.

crash (6.0.9-1) UNRELEASED; urgency=low
* Fix for building on host machines that have glibc-2.15.90 installed, in
which case the glibc header file /usr/include/bits/siginfo.h no longer
declares a "struct siginfo", but only the "siginfo_t" typedef. Without
the patch, the build of the embedded gdb module fails with the error
message "linux-nat.h:63:18: error: field 'siginfo' has incomplete type".
* Add support for reading compressed kdump dumpfiles that were compressed by
the snappy compressor. This feature is disabled by default. To enable
this feature, build the crash utility in the following manner: (1) Install
the snappy libraries by using the host system's package manager or by
directly downloading libraries from author's website. The packages
required are: - snappy - snappy-devel The author's website is:
http://code.google.com/p/snappy (2) Create a CFLAGS.extra file and an
LDFLAGS.extra file in top-level crash sources directory: - enter -DSNAPPY
in the CFLAGS.extra file - enter -lsnappy in the LDFLAGS.extra file. (3)
Build crash with "make" as always.
* Prevent the "ptov" command from returning an invalid virtual address on
32-bit architectures. Without the patch, the command may result in an
invalid virtual address if the physical address entered cannot be accessed
by a unity-mapped kernel virtual address. The patch verifies that the
calculated virtual address can be translated back into the supplied
physical address.
* Fix to automatically try /proc/kcore as an alternative live memory source
when the /dev/crash driver does not exist and /dev/mem is unusable because
the kernel was configured with CONFIG_STRICT_DEVMEM. Without the patch,
the automatic switch from /dev/mem to /proc/kcore is only attempted on the
X86 and X86_64 architectures.
* Added missing linefeeds to several error messages in makedumpfile.c.
* Fix for a regression introduced by a crash-5.1.1 patch that reworked the
handling of "set" commands that are put in .crashrc files, such that only
certain command options would get resolved before the crash session is
initialized. Without this patch, the "--less", "--more", "--no_scroll"
and "--CRASHPAGER" crash command line options do not properly override
conflicting "set scroll <option>" entries that are put in a .crashrc file.
* Added new "--hex" and "--dec" crash command line options, which will set
the command output format to hexadecimal or decimal. These two command
line options will override any "set radix [10|16]" settings in a .crashrc
file; since decimal is the default, the "--dec" option would only be
necessary to override a "set radix 16" setting in a .crashrc file.
* Fix for the "runq" and "timer" commands when running against 2.6.34 and
later kernels that are not configured with CONFIG_SMP. Without the patch,
the "runq" command fails with the error message "runq: per-cpu runqueues
does not exist", and the "timer" command fails with the error message
"timer: zero-size memory allocation! (called from <address>)".
* If code.google.com is not available from the host build machine, then
"make extensions" will be delayed by a 10 minute timeout of the "git
clone" command that downloads the EPPIC library and extension module
source tree. The patch pings code.google.com first in order to determine
its availability before attempting the download.
* For kernel versions 3.5 and later, in which the kernel log buffer has been
converted from a byte-buffer to a variable-length record buffer, the "log
-m" option will display the level in hexadecimal, and depending upon the
kernel version, the value also contains either the facility or flags bits.
* Fix for accessing the per-cpu registers from ARM vmcores generated by
recent kernels in which the per-cpu data region has been moved into mapped
kernel virtual address space. Without the patch, an incorrect physical
address is calculated, resulting in bogus register contents.
* Check that an s390x dumpfile is a "live dump" earlier during session
initialization so that the internal LIVE_DUMP flag will get set when
"crash --minimal" is invoked.
* Removed the usage of C++ keywords in structure and structure member names
declared in "defs.h" so that extension modules written in C++ will compile
successfully. Accordingly, the "struct namespace" is renamed to "struct
symbol_namespace", the struct symbol_table_data's "namespace" member is
renamed to "kernel_namespace", and the struct gnu_request's "typename"
member is renamed to "type_name".
* Fix for the date displayed by the initial system banner and by the "sys"
command for Linux version 3.6 and later. Without the patch, the date
displayed will be that of the UNIX epoch, i.e., midnight, Jan 1, 1970 UTC,
adjusted to local time.
* When the eppic.so extension module is built by "make extensions", the
EPPIC source tree is downloaded from its upstream source repository at
https://code.google.com/p/eppic. However, if an EPPIC_GIT_URL environment
variable is defined, then the URL that it points to will be used as an
alternative git source repository.
* Fix for a segmentation violation generated by the "struct" command when
printing a structure member using the "struct_name.member" argument
format, where the member is a "char *" that points to a string that
contains a "%" character.
* Patchset to support the most recent Xen hypervisor and Xen pvops kernels:
(1) Always calculate max_cpus value (2) Read only crash notes for onlined
CPUs (3) Read variables from dynamically allocated per_cpu data (4) Get
idle data from alternative source (5) Read data correctly from dynamically
allocated console ring (6) Add support for 3 level P2M tree
* Fix for building a 32-bit eppic.so extension module after having built
crash with "make target=ARM" or "make target=X86" on an x86_64 host.
Without the patch, the eppic.so extension module would be built as a
64-bit binary.
* For the ARM architecture, fix the determination of the kernel modules base
address when modules are not installed, and update the "mach" command to
display the "KERNEL MODULES BASE" address.
* Fix for the "kmem -[sS]" commands for Linux version 3.6 and later kernels
configured with CONFIG_SLUB. Without the patch, the commands fail with
the error message "kmem: invalid structure member offset:
kmem_cache_objsize".
* Fix for an invocation failure when running against Linux version 3.6 and
later kernels that are configured with CONFIG_SLAB. Without the patch,
the crash session fails during initialization with the error message
"crash: invalid structure member offset: kmem_cache_s_next".
* Fix for the "kmem -[sS]" commands on kernels that are configured with
CONFIG_SLUB to prevent a silent hang if a per-node slab cache partial list
recurses back onto itself. Without the patch, it was necessary to kill
the command; with the patch an error message is displayed and the command
continues on to the next kmem slab cache.
* Fix for the "kmem -[sS]" and "kmem -s list" options on dumpfiles from
kernels that are configured with CONFIG_SLUB which have been filtered by
the makedumpfile facility. Without the patch, it is possible that those
commands may generate the error message "kmem: page excluded: kernel
virtual address: <address> type: kmem_cache buffer", and would require
either the "--zero_excluded" command line option or having to execute "set
zero_excluded on" during runtime in order to complete successfully.

crash (6.0.8-1) UNRELEASED; urgency=low
* Introduction of a new "tree" command that can be used to dump the
addresses of all data structure entries in a red-black tree or a radix
tree. Similar in nature to the "list" command, each data structure in a
tree can be dumped in total, or one or more members in each structure may
be dumped.
* If a compressed kdump header contains an invalid "nr_cpus" value, allow
the crash session to continue after printing a warning message. Without
the patch, on non-S390/S390X systems, an invalid nr_cpus value generates a
message such as "crash: compressed kdump: invalid nr_cpus value: 0", and
the session subsequently fails with the message "crash: vmcore: not a
supported file format". However, compressed kdumps have been seen that
have an nr_cpus value of 0, but the session can still run normally. The
patch changes the message to "WARNING: compressed kdump: invalid nr_cpus
value: 0", and the session is allowed to continue.
* Clarify the "help -n" output for compressed kdumps to show the offsets and
sizes of the vmcoreinfo, notes, and eraseinfo sections in both
hexadecimal and decimal, and to cleanly handle compressed kdumps that have
no NR_PRSTATUS notes in the notes section.
* Fix for the X86 "bt" command for a possible situation where the crashing
cpu's back trace starts at the "sysrq_handle_crash" stack frame instead of
farther down the stack below the exception at the "crash_kexec" stack
frame.
* Fix for the "runq" command for kernels that have the CFS scheduler.
Without the patch, tasks queued on a priority array of a cpu's RT runqueue
may not be displayed.
* Fix for analyzing dumpfiles from kernel version 3.5 and later, in which
the kernel log buffer has been converted from a byte-buffer to a
variable-length record buffer. Without the patch, the crash session fails
during initialization with the error message "crash: cannot determine
length of symbol: log_end". If the session is run on a live system, or if
the session is invoked with the "-s" command line option, the session is
not killed, but in those cases the "sys" and "log" commands will fail with
the same error message.
* For kernel versions 3.5 and later, in which the kernel log buffer has been
converted from a byte-buffer to a variable-length record buffer, two new
options have been added. The "log -t" option will display log messages
without the timestamp prepended. The "log -d" option will display the
dictionary of key/value pair properties that the kernel's dev_printk()
function optionally appends to a message.
* The SIAL extension module has been replaced by the "eppic" facility, which
stands for "Embeddable Pre-Processor and Interpreter for C". The eppic
git tree is located at http://code.google.com/p/eppic. When "make
extensions" is done, the eppic source code will be downloaded
automatically via "git clone", and then the "eppic.so" extension module
will be built. The "eppic.so" extension module offers the same command
set as the older "sial.so" module; the SIAL extension module source files
have been completely removed. If desired, the eppic sources can be
updated by executing "git pull" from the "extensions/eppic" subdirectory.
* Added a new "list -h" option. When used with -h, the "start" address
must be the address of a data structure that contains an embedded
list_head structure. Updated the "list" help page to more clearly
differentiate the difference between using a "start" address alone, "-H
start", or "-h start", and added a WARNING section to address the problem
of "-h start" passing through an external LIST_HEAD(), or passing through
the actual starting point of the list that is contained within a different
type of data structure from all the entries in the list.
* Implemented a new "scope" crash environment variable that can alter the
text scope for viewing the definition of data structures. It is useful in
cases where the kernel defines more than one instance of a data
structure with the same name, and the "wrong" one is selected by default.
The variable takes a kernel or module text symbol name or address, or an
expression evaluating to the same. If the variable is a module text
address, then the command will attempt to load the module into the crash
session if it is not already loaded; if that fails, then the setting of
the variable will fail.
* Update to the extensions/trace.c extension module to handle a kernel
version 3.4 patch that added a new "ring_buffer_per_cpu.nr_pages" member,
making the trace buffer size per-cpu.
* Fix to recognize a kernel version 3.5 patch that changed the "qstr.len"
member from an unsigned integer into a member of an anonymous structure
within an anonymous union. Without the patch, the following commands
fail, displaying the following error messages: mount: "mount: invalid
structure member offset: qstr_len" files: "files: invalid structure member
offset: qstr_len" vm: "vm: invalid structure member offset: qstr_len"
swap: "swap: invalid structure member offset: qstr_len" fuser: "files:
invalid structure member offset: qstr_len"
* The "fuser" command generates the above error because it uses the "files"
command behind the scenes.
* Fix for the function that gathers a cpu's register set from an NT_PRSTATUS
note of an x86 or x86_64 compressed kdump header if one or more cpus were
offline when the system crashed. In that case, if the requested cpu
number is equal or greater than the number of online cpus, the function
will fail. When that happens, that cpu's back trace will not have those
registers as a fall-back option if the starting point cannot be determined
otherwise.
* Added "ipcs" and "tree" command references to the crash.8 man page.
* Redefined the usage of the "struct -o" flag when used in conjunction with
a symbol or address argument. Without this patch, the behavior has been
to print the warning message "struct: -o option not valid with an address
argument", ignore the "-o", and to just display the structure at that
address. With this patch, each structure member will be preceded by its
virtual address.
* Added new "bt -s [-xd]" options that will display symbol names plus their
offset in each frame. The default behavior is unchanged, where only the
symbol name is displayed. The symbol offset will be expressed in the
default output format, which can be overridden with the -x or -d options.
* Fix for 32-bit PPC to handle a situation where one or more NT_PRSTATUS
note(s) were not captured in the kdump header due to cpu(s) not responding
to an IPI. Without the patch, the "bt" command may result in a
segmentation violation.
* Fix for building the PPC64 architecture in ppc64 environments where
applications are built 32-bit by default when -m32 or -m64 are not
specified. This was a regression introduced in the crash-6.0.3 patch that
introduced the "make target=PPC" feature that can be performed on ppc64
hosts. Without the patch, a "make" command would build a 32-bit PPC crash
utility on such ppc64 hosts.
* Fix for the 32-bit PPC "irq" command. Without the patch, depending upon
the kernel version, the command would fail with the message "irq: cannot
determine number of IRQs", or "irq: invalid structure size: irqdesc".
* Fix for the 32-bit PPC "pte" command to properly translate the PTE bit
settings based upon the correct Book3E specifications.

crash (6.0.7-1) UNRELEASED; urgency=low
* Enhanced the "search" command to allow the searched-for value to be
entered as a crash (expression) or a kernel symbol name. The resultant
value of an (expression) or kernel symbol value must fit into the
designated value size if -w or -h are used, and neither variant may be
used with the -c option. If found, both the resultant value and the
argument input string will be displayed next to the target address(es).
* Added a new "search -t" option that will restrict the search to the kernel
stack pages of all tasks. If one or more matches are found in a task's
kernel stack, the output is preceded with a task-identifying header.
* Fix for the s390x "bt -[tT]" options when run on an active task on a live
system. Without the patch, the options fail with the message "bt:
invalid/stale stack pointer for this task: 0".
* Fix for s390x "vm -p" option, which may show invalid user to physical
address translation data if a page is not mapped. Without the patch, a
page's translation may indicate "<address> SWAP: (unknown swap location)
OFFSET: 0", or show an incorrect swap offset on an actual swap device.
* Added new "vm -[xd]" options to be used in conjunction with "vm -[mv]",
which override the current default output format with hexadecimal or
decimal format for just the command instance. Without the patch, it would
require changing the default output format with "hex" or "dec" prior to
executing "vm -[mv]". The new flags may also be used with "foreach vm
-[mv]".
* Fix for the s390x "vm -p" and "vtop -u <user-address>" commands if the
page containing the relevant PTE is not mapped. Without the patch, the
commands fail with the error message "vm: read error: kernel virtual
address: 0 type: entry" or "vtop: read error: kernel virtual address: 0
type: entry"
* Fix for the s390x "vm -p" command and "vtop -u <user-address>" commands to
properly translate pages that are swapped out into their swap file and
offset. Without the patch, the swap file and offset would not be
displayed.
* Added new "list -[xd]" options to be used in conjunction with "list -s",
which override the current default output format with hexadecimal or
decimal format for just the command instance. Without the patch, it would
require changing the default output format with "hex" or "dec" prior to
executing "list -s".
* Added new "net -[xd]" options to be used in conjunction with "net -S",
which override the current default output format with hexadecimal or
decimal format for just the command instance. Without the patch, it would
require changing the default output format with "hex" or "dec" prior to
executing "net -S". The new flags may also be used with "foreach net -S".
* Added new "mach -[xd]" options to be used in conjunction with "mach -c",
which override the current default output format with hexadecimal or
decimal format for just the command instance. Without the patch, it would
require changing the default output format with "hex" or "dec" prior to
executing "mach -c".
* If the value read from the cpu online, present, or possible masks contains
a cpu bit value that is outside the architecture's maximum NR_CPUS value,
print a warning message during invocation. Without the patch, a corrupt
vmcore containing a bogus mask value could quietly corrupt heap memory.
* Add support for reading dumpfiles compressed by LZO using makedumpfile
version 1.4.4 or later. This feature is disabled by default. To enable
this feature, build the crash utility in the following manner: (1) Install
the LZO libraries by using the host system's package manager or by
directly downloading libraries from author's website. The packages
required are: - lzo - lzo-minilzo - lzo-devel The author's website is:
http://www.oberhumer.com/opensource/lzo (2) Create a CFLAGS.extra file and
an LDFLAGS.extra file in top-level crash sources directory: - enter -DLZO
in the CFLAGS.extra file - enter -llzo2 in the LDFLAGS.extra file. (3)
Build crash with "make" as always.
* Fix for the included "trace" extension module. Without the patch, if the
module initialization sequence fails, a double-free in the module may lead
to a subsequent malloc() segmentation violation in the crash session.
* Incorporated the "ipcs" extension module written by Qiao Nuohan as a
built-in command. The command displays the kernel's usage of the System V
shared memory, semaphore and message queue IPC facilities. It differs
from the original extension module by fixing a failure scenario if the
current task is exiting, and adds a "-n pid|task" option, which displays
the IPCS facilities with respect to the namespace of a given pid or task.
* Fix for a gdb-7.3.1 regression that causes the line number capability to
fail with certain ranges of x86 base kernel text addresses. Without the
patch, the "dis -l <symbol>" or "sym <symbol>" commands would fail to show
line number information for certain ranges of base kernel text addresses.
* Added a new "printm" command to the embedded gdb module. It is currently
only used by the "pstruct" extension module, but can be used to dump the
type, size, offset, bitpos and bitsize values of an expression.
* Added a new "runq -t" option that displays the timestamp information of
each cpu's runqueue, which consists of either the rq.clock, the
rq.most_recent_timestamp or rq.timestamp_last_tick value, whichever
applies. Following each cpu timestamp is the last_run or timestamp value
of the active task on that cpu, whichever applies, along with the task
identification.
* Fix for an initialization-time warning when running on a live system with
the most recent version of the modprobe command, which no longer supports
the -l and --type options. The modprobe is used to detect whether the
crash.ko memory driver is part of the distribution. Without the patch, a
warning message is issued that indicates "/sbin/modprobe: invalid option
-- 'l'". If the driver is built into the kernel, the message is harmless.
If the driver is not built into kernel, then the crash.ko (/dev/crash)
driver would not be selected as the live memory source.

crash (6.0.6-1) unstable; urgency=low
* New upstream version 6.0.6
* Extend the supported cross-architecture build capability so that it
applies to the SIAL extension module. Without the patch, when building
the SIAL module in an environment where the overlying crash utility was
built with "make target=ARM", "make target=PPC", or "make target=X86", the
SIAL extension module would continue to be built for the host
architecture.
* Fixes for memory leaks and possible segmentation violations when unloading
SIAL extension module scripts.
* Fix for the new "foreach RU" task state qualifier. Without the patch, the
runnable tasks are not selected.
* Fix to disallow multiple task states from being entered using the "foreach
<task-state>" qualifier. Without the patch, if multiple states were
entered, the last one on the command line would be honored.
* Fix for the "extend" command to allow the usage of 32-bit PPC extension
modules. Without the patch, the command fails with the message: "extend:
<object>.so: not an ELF format object file".
* If an input line starts with "#" or "//", then the line will be saved as a
comment that is visible when re-cycling through the command history list.
* Fix for a crash-5.1.9 regression that broke the "bt -g" option. Without
the patch, the option is ignored completely.
* Fix for s390x virtual-to-physical translation of virtual addresses that
are backed by 1MB pages.
* The s390x has a dumpfile method that creates "live dumps", where the
kernel continues to run while the dumpfile is being created. The initial
system banner display and the "sys" command will inform the user that the
dumpfile is a "[LIVE DUMP]", and the "bt -a" option will fail with the
message "bt: -a option not supported on a live system or live dump".
* Newly-created dumpfiles generated by the "snap.c" extension module will
now be recognized as "live dumps". Accordingly, the initial system banner
display and the "sys" command will inform the user that the dumpfile is a
"[LIVE DUMP]", and the "bt -a" option will fail with the message "bt: -a
option not supported on a live system or live dump".
* If "bt" alone is attempted on an active task in a "live dump", it will
indicate "(active)", i.e., the same as if it were attempted on a live
system.
* If an extension module does not define the appropriate architecture, i.e.,
"-DX86", "-DX86_64", etc., then the inclusion of "defs.h" will generate a
compiler failure indicating "error: 'NR_CPUS' undeclared here (not in a
function)". In that case, the architecture will now default to that of
the host machine.
* Prevent a highly-unlikely incorrect calculation of the maximum cpudata
array length of a kmem_cache during initialization of CONFIG_SLAB
kernels.
* Prevent an infinite loop during the initialization of the kmem_cache
subsystem in CONFIG_SLAB kernels if the cache list or the vmcore is
corrupt. If the kmem_cache list links back into itself, messages showing
the first "duplicate" entry in the list and "crash: unable to initialize
kmem slab cache subsystem" will be displayed.
* Update to the "mod" command to additionally search for module object files
in the directory containing the kernel namelist (vmlinux) file. This will
allow an alternate module-debuginfo directory tree to be set up like so: #
cd <directory> # rpm2cpio kernel-debuginfo-<release>.rpm | cpio -idv
Having done that, and by referencing the vmlinux file in that directory
tree directly or by symbolic link, the "mod" command will search for
module object files starting from the directory containing the vmlinux
file if they are not found in the standard /lib/modules/<release>
directory.
* Update to the s390x "bt" command if a task was running in userspace.
Without the patch, the back trace display ended at the kernel entry
function frame; with the patch, the user space PSW register is displayed
with a "(user space)" tag, followed by the general purpose register set.
* In the unlikely event that the access of ARM or x86_64 kernel unwind table
data fails during crash invocation, print a warning message and allow the
crash session to continue. Without the patch, the crash session would
fail immediately.

crash (6.0.5-1) unstable; urgency=low
* New upstream version 6.0.5
* Enhancement to the "foreach" command to allow any of the "name" arguments
to be POSIX extended regular expressions. The expression string must be
encompassed by "'" characters, and will be matched against the names of
all tasks.
* Fix for the embedded gdb module's "ptype" command, and by extension, the
crash utility's "struct" command, to be able to fully display embedded
structure or union members of a structure/union. Without the patch, if a
structure or union is a member of a structure or union that is a member of
a structure or union, then it is displayed as "struct {...}" or "union
{...}".
* Extend the "ps -l" output to also display the task state next to its
last_run/timestamp value.
* Enhancement to the "foreach" command which adds a new "state"
task-identifier argument that filters tasks by their task state. The
state argument may be any of the task states displayed by the "ps"
command: RU, IN, UN, ST, ZO, SW or DE.
* Implemented a new pc->cmd_cleanup function pointer and an optional
pc->cmd_cleanup_arg argument that will allow any command to register a
function and an optional argument that will be called after a command has
completed successfully, or more likely, unsuccessfully. Normally the only
cleanup required for a command is the freeing of buffers that were
allocated with GETBUF(), but that is performed automatically after each
command is run. However, with the introduction of the new POSIX regular
expression functionality of the "foreach" command, there needed to be a
way to call regfree() in the case where regcomp() was called
successfully, but then the command later encountered one of several fatal
error conditions. This facility is also available for use by extension
module commands.
* Enforce the usage of a kernel thread's pgd from its active_mm for the ARM
"vtop -c" command; if its active_mm is NULL, make the command fail
similarly to the other architectures, displaying the error message "vtop:
no active_mm for this kernel thread".
* Fix for the x86_64 "bt" command running against recent kernels if an
active task was operating on its IRQ stack when the crash occurred.
Without the patch, the determination of the IRQ exception frame was
off-by-8, displaying invalid register data and the error message "bt:
WARNING: possibly bogus exception frame".
* Update to handle the vfsmount structure change in 3.3 kernels, in which
most members of the vfsmount structure have been moved into a new "struct
mount", and the vfsmount structure has been embedded in the new mount
structure.
* Fix for the "ps" command to prevent the display of "??" under the ST (task
state) column. Without the patch, in more recent kernels, if more than
one bit were set in the task_struct.state field, the state would display
"??". With the fix, the primary state will always be displayed.
* Update to the output of the "set" command when it displays a task's state.
Without the patch, if more than one bit was set in the task_struct.state
field, "STATE: (unknown)" would be displayed. With the fix, all bits in
both the task_struct.state and task_struct.exit_state fields are
translated.
* Implemented a new "vm -P <vma-address>" option, which is similar to
"vm -p", but only does the page translations of the specified VM area of a
context.
* Add support for the Freescale PowerPC e500mc version of the E500 processor
chipset, and rework the PPC platform-specific code in order to more easily
support new processors.
* Implemented a new "gdb" crash environment variable that can be used to
alter a crash session's behavior such that all commands are passed
directly to the embedded gdb module. The new mode is turned on and off by
entering "set gdb on" and "set gdb off". When running in this mode, the
command prompt will be "gdb>". In order to execute native crash commands
while running in this mode, precede the command with the "crash"
directive, for example, "crash ps".
* Fix for a "*** stack smashing detected ***: crash terminated" failure
during the initial system banner display on a 32-bit PPC platform.
* Redesigned/simplified the internal read_string() function to prevent a
potential segmentation violation.
* Updates for the 32-bit PPC "vtop" command output: (1) Translate kernel
virtual addresses for FSL BOOKE by using the TLBCAM setting (2) Remove the
PMD line from the display (3) Fix the displayed PHYSICAL values of FSL
BOOKE PTE format
* Fix for crash invocation failure on 3.3-era kernels in which the
former standalone "xtime" timespec structure has been moved into the
"timekeeper" structure. Without the patch, the crash session would fail
early on with the message "crash: cannot resolve: xtime". The patch also
prevents the crash session failure in the unlikely event that the timespec
access fails.
crash (6.0.4-1) unstable; urgency=low
* New upstream version 6.0.4
* Fix to allow the recently-added "mod -g" and "mod -r" options to be used
together. Without the patch, if both options were used, the command would
fail with a "mod: invalid option" error complaining about one or the other
option letter.
* Additional update for 3.1.x and later kernels configured with CONFIG_SLAB,
which have replaced the kmem_cache.nodelists[] array with a pointer to an
outside array. Without the patch, depending upon a system's cpu
configuration and actual cpu count, the crash session may display "crash:
unable to initialize kmem slab cache subsystem" during invocation, or if
it does succeed, "kmem -s" may generate a segmentation violation.
* Document the "crash [-h|--help] all" option in the crash.8 man page and in
the "crash [-h|--help]" output.
* Fix the S390/S390X-specific "s390dbf" command's "hex_ascii" debug data
printing routine to prevent the display of non-ASCII characters.
* Fix for ARM stack unwinding on 3.2 and later kernels due to commit:
http://git.kernel.org/linus/de66a979012dbc66b1ec0125795a3f79ee667b8a
* Implemented a new "search -x <count>" option that displays the memory
contents before and after any found search target. The before and after
memory context will consist of "count" memory items of the same size as
the searched-for value. This option is not applicable with the -c option.
* Fix for the x86_64 Xen hypervisor "bt" command. Without the patch, the
contents of the RDX register in exception frames incorrectly shows the
contents of the RCX register.
* Implementation of a platform-based vmalloc address translation scheme for
the 32-bit PPC architecture, introducing support for the PPC44X platform
while maintaining the current default platform. Related to that, the PTE
translation function used by "vtop" properly handles platforms that use
64-bit PTEs, and the "mach" command displays the kernel's
"powerpc_base_platform" name string.
* Fix for the usage of native gdb commands where the command output is
redirected to a pipe and then redirected to a file.
* Fix to prevent a crash session that is run over a network connection that
is killed/removed from going into 100% cpu-time loop. The fix that went
into crash-5.0.2 to handle the change in behavior of the built-in
readline() library call does not suffice in cases where readline() never
gets a chance to be called. Accordingly, the crash session is now
initialized with a PR_SET_PDEATHSIG prctl setting, which will cleanly kill
itself upon its parent's death.
* Fix for the support of PPC64 compressed kdumps, a regression that was
introduced in crash-6.0.3 when support for 32-bit PPC compressed kdumps
was implemented. Without the patch, the crash session fails to
initialize.
* Fix for the x86_64 "bt" command to prevent the possible skipping of the
stack frame just above an exception frame that indicates "[exception RIP:
unknown or invalid address]". This highly-unlikely event could occur if
the kernel jumps to a bogus text location and attempts to execute it, or
if the exception occurs in vmalloc space that was allocated with
module_alloc() by a systemtap kprobe-handler, and therefore has no
symbolic reference.
crash (6.0.3-1) unstable; urgency=low
* New upstream version 6.0.4
* Fix to gdb-7.3.1/bfd/bfdio.c to properly zero out a complete struct stat
with a corrected memset argument; caught when compiling with the Clang
Static Analyzer.
* Fix for the SIAL extension module to remove a call to sial_free() for an
uninitialised variable that can result in a segmentation violation when
unloading a sial script.
* Fix for the "runq" command for kernels that are configured with
CONFIG_FAIR_GROUP_SCHED. Without the patch, tasks contained within the
task-group of a cpu's currently-running task may not be displayed.
* Implemented support for the analysis of 32-bit PPC ELF kdump vmcores.
* Implemented the capability of building a PPC crash binary on a PPC64 host,
which can be done by entering "make target=PPC". After the initial build
is complete, subsequent builds can be done by entering "make" alone.
* Determine the PPC page size from the kdump PAGESIZE vmcoreinfo data.
* Fix for the "kmem -[sS]", "kmem -[fF]" and "kmem <address>" options in 3.2
kernels. Without the patch, the commands fail with the error "kmem:
invalid structure member offset: page_lru".
* Addition of a set of dumpfile read diagnostic debug statements. They are
primarily of use when dealing with kdump invocation or runtime read
failures (ELF kdumps or compressed kdumps), and can serve to help pinpoint
the problem as a faulty/corrupted dumpfile vs. a crash utility bug. Some
statements are seen when invoking crash with "-d1", more with "-d4", and
all of them with "-d8". During runtime, debug statements may be seen by
entering "set debug <level>".
* Fix for X86 kernels that have CONFIG_X86_32, CONFIG_DISCONTIGMEM,
CONFIG_DISCONTIGMEM_MANUAL and CONFIG_NUMA all configured. Without the
patch, the VM subsystem fails to initialize properly because the pgdat
structures are allocated by the remap allocator.
* Fix for the "vtop" command on large NUMA X86 kernels where a node's
starting physical address is larger than 32-bits. Without the patch, the
page struct contents of a virtual address may not be displayed.
Associated with that fix, the "kmem -n" line that displays a node's
MEM_MAP, START_PADDR and START_MAPNR values has been adjusted to more
properly handle large physical addresses.
* Update for the ARM architecture to recognize a recent change of its
vmlinux section name from ".init" to ".init.text". Without the patch, a
warning message indicating "crash: cannot determine text init space" is
displayed during initialization.
* Significant speed increase of the "kmem -p" command, especially on
large-memory systems.
* Implemented new "irq -a" and "irq -s" options. The "irq -a" option
displays the cpu affinity for in-use IRQs. The "irq -s" option displays
per-cpu IRQ stats in a similar manner to /proc/interrupts for all cpus.
To show a limited set of per-cpu IRQ stats, there is an associated "-c"
option that limits the cpus shown, which can be expressed as "-c 1,3,5",
"-c 1-3", or "-c 1,3,5-7,10". The options are currently restricted to
X86, X86_64, ARM, PPC64 and IA64.
* Removal of a redundant read of the kernel's __per_cpu_offset pointers in
the ARM architecture's arm_get_crash_notes() function.
* Fix for an ARM architecture segmentation violation because of a stack
overflow due to recursion in the page table translation code. This was
seen when analyzing a dumpfile where the page tables had been corrupted.
* Fix for the "FREE HIGH" tally in the X86 "kmem -i" display. Without
the patch, the PAGES, TOTAL and PERCENTAGE values would always show zero
values.
* Fix for the "kmem -n" output display for 32-bit architectures that are
configured with CONFIG_SPARSEMEM. Without the patch, the values under the
CODED_MEM_MAP, MEM_MAP and PFN columns are all shifted to the left.
* Cleanup of several SIAL extension module files to address bison 2.5 and
gcc 4.4.3 compile-time warnings.
* Fix for "net -[sS]" command options on the ARM architecture. Without the
patch, invalid data would be displayed because the calculation of the
socket address was off by 4 bytes.
* Fix for the ARM "bt" command to allow the core kernel unwind tables to be
used in cases where the module unwind tables are inaccessible.
* Implementation of a new "dev -d" option that displays disk device I/O
statistics. For each disk device, its major number, gendisk and
request_queue addresses are displayed along with the total number of
allocated I/O requests that are in-progress. The total I/O requests are
then split out into synchronous vs. asynchronous counts (or reads vs.
writes in older kernels), and the number that are in-flight in the device
driver.
* Update for 3.1.x and later kernels configured with CONFIG_SLAB, which have
replaced the kmem_cache.nodelists[] array with a pointer to an outside
array. Without the patch, the crash session fails during invocation with
the error "crash: zero-size memory allocation!".
* Implemented support for the analysis of 32-bit PPC compressed kdump
vmcores.
* Prevent the "runq" command from dumping an unending loop of tasks if the
CFS runqueue has been corrupted. If the output of a cpu's runqueue would
display a duplicate task, the output will stop with the message "WARNING:
duplicate CFS runqueue node: task <address>".
* Repurposed/renamed the rarely-used and rarely-needed "mod -r" option to
"mod -R". The option is used to reinitialize the module data; all
currently-loaded symbolic and debugging data is deleted, and the installed
module list will be updated (live systems only).
* Implemented a new "mod -r" option, which will pass the "-readnow" flag to
the embedded gdb module, which will override the two-stage strategy that
it uses for reading symbol tables from module object files. If the crash
session was invoked with the "--readnow" flag, then the same override will
occur automatically. It should be noted that doing so will increase the
virtual and resident memory set size.
* Performance increase for the "kmem -s <address>" option on kernels
configured with CONFIG_SLAB, most notably on kernels whose
kmem_cache.array[NR_CPUS] array is several pages in size.
* Require that the "<slabname>" argument to "kmem -s <slabname>" be escaped
with a '\' character in two situations: 1, in the highly-unlikely case of
a kmem_cache slab named "list", to prevent the ambiguity with the "kmem -s
list" command option. 2, if the first character of the <slabname>
actually is a '\' character.
crash (6.0.2-1) unstable; urgency=low
* New upstream version 6.0.2
* Implementation of a new "arguments-input-file" feature, where an input file
containing crash command arguments may be iteratively fed to a crash
command. For each line of arguments in an input file, the selected crash
command will be executed.
* Many thanks to Josef Bacik for proposing this feature.
* Fix for the "runq" command for kernels configured with
CONFIG_FAIR_GROUP_SCHED. Without the patch, it is possible that a task
may be listed twice in a cpu's CFS runqueue.
* Fix for the internal parse_line() function to properly handle the case
where the first argument in a line is a string argument that is
encapsulated with quotation marks.
* Fix for the usage of gzip'd vmlinux file that was compressed with "gzip
-n" or "gzip --no-name" without using "-f" on the command line. Without
the patch, the crash session fails with an error message that indicates
"crash: <string-containing-garbage>: compressed file name does not start
with vmlinux". With the patch, if such a file is used without "-f", it
will be accepted with a message that indicates that the original filename
is unknown, and a suggestion that "-f" be used to prevent the message.
* Added a new "mod -g" option that enhances the symbol display for kernel
modules. After loading a module's debuginfo data, the module object's
section addresses will be shown as pseudo-symbols.
* Fix for the "gdb" command to prevent the option handling of command lines.
Without the patch, a gdb command string that contained a "-<character>"
pair preceded by whitespace, would fail with the error message "gdb: gdb:
invalid option -- <character>".
* Fix for the panic-task determination if a dumpfile is taken on a system
that actually has a cpu count that is equal to its per-arch NR_CPUS value.
Without the patch, the task running on the cpu whose number is equal to
NR_CPUS-1 would be selected.
* Fix for the x86_64 "bt" command to handle a recursive entry into the NMI
exception stack. While this should normally never happen, it is possible
if, for example, a kprobe is entered into a function that gets executed
during NMI handling, and a second NMI is received after the initial one,
corrupting the original exception frame at the top of the NMI stack.
Without the patch, the NMI stack backtrace and exception frame would be
displayed repeatedly; with the patch, the backtrace and exception frame
are followed by the warning message "NMI exception stack recursion: prior
stack location overwritten".
* Support dumpfiles that are created by the PPC64 Firmware Assisted Dump
facility, also known as "fadump" or "FAD". Without the patch, the panic
task cannot be determined from a fadump vmcore which was subsequently
compressed with makedumpfile, and therefore a proper backtrace of the
panic task cannot be generated.
* Preparation for new s390x kernels that will increase MAX_PHYSMEM_BITS from
42 to 46.
crash (6.0.1-1) unstable; urgency=low
* New upstream version 6.0.1
* Several fixes/updates for the 32-bit PPC architecture: (1) Delete
"__func__.<number>" symbols from the symbol list. (2) Update manner of
determining the processor speed displayed by the initial system banner and
the "sys" command. (3) Use the kernel's online cpus mask for determining
the cpu count. (4) Enable the "bt" command to follow traces that start in
a per-cpu IRQ stack. (5) Fix for the "bt" command to better prevent
runaway stack traces. (6) Fix for the "bt" command to recognize/display
2.6 kernel exception frames. (7) Update "bt" command's exception frame
register display. (8) Implement "bt -f" option.
* Fix for the X86 kernel module line-number capability on some kernels. It
is unclear why only some kernel versions exhibit this problem, but the
newly-embedded gdb version 7.3.1 has changed behaviour such that the
addrmap arrays of module text address blocks may contain the module text
offset values instead of their loaded vmalloc addresses, and so without
the patch, there is no "match" for the vmalloc address when searching for
its line number information. It is fixed by doing a preliminary symbol
search before accessing the line-number access routine.
* Fix for the X86_64 kernel module line-number capability on kernels that
have functions preceded by the __vsyscall_fn macro, which puts the kernel
text function in the vsyscall page that starts at virtual address
0xffffffffff600000. This results in a text address block that starts at a
normal kernel text address but ends with a vsyscall address, which
inadvertently contains the whole vmalloc address range. Without the
patch, line number requests for module vmalloc text addresses would be
mistakenly issued the first text section that ended with a vsyscall
address, but then cannot find line number information in that section.
* Fix for the inadvertent patching of the symbols of the 32-bit Xen
hypervisor binary. Without the patch, during initialization the
minimal_symbols are "patched" with their original values, so they remain
unchanged, and the message "WARNING: kernel relocated [0MB]: patching 3434
gdb minimal_symbol values" is displayed.
* If the "--mod <directory-tree>" command line option, or the setting of the
CRASH_MODULE_PATH environment variable, or the "mod -S <directory-tree>"
point to a tree that contains only the separate debuginfo
"<module>.ko.debug" files, then those debuginfo files will be used as the
internal "add-symbol-file" arguments to the embedded gdb module. Without
the patch, it was only acceptable to point to a directory tree that
contained the base "<module>.ko" files, and the separate debuginfo files
were found automatically based upon the directory path to the base module
file. This will allow an alternate module-debuginfo directory tree to be
set up like so:
# cd <directory>
# rpm2cpio kernel-debuginfo-<release>.rpm | cpio -idv
Having done that, the <directory> may be used with the
"--mod" command line argument, or as the CRASH_MODULE_PATH environment
variable, or as the "mod -S <directory>" argument.
* Make the suspension of the verbose/time-consuming "sym -l" output
immediate upon the killing of the output pipe, or the entry of the first
CTRL-c. Without the patch, it would typically take several seconds, or
multiple CTRL-c entries, for the "crash>" prompt to be re-displayed.
* Fix for the handling of piped commands if the command receiving the crash
output is non-existent or invalid. Without the patch, the crash command
would wait indefinitely unless multiple CTRL-c entries were entered.
* Fix for the s390x "bt" command's floating point register display header.
Without the patch, the header indicates that only registers 0, 2, 4 and 6
are printed, a relic of the s390 architecture, whereas on the s390x all
floating point registers are displayed.
* Fix for the error message displayed when an untrusted .gdbinit file exists
in the current directory. Without the patch, the error message "WARNING:
not using untrusted file: " would be followed by garbage ASCII data
instead of the full pathname of the .gdbinit file.
* Fix for the "kmem -p" and "kmem -i" commands in 3.1 and later kernels
where the page structure's "_count" member was moved into an embedded
anonymous structure. Without the patch, the commands fail with the error
message "kmem: invalid structure member offset: page_count FILE: memory.c
LINE: 4610 FUNCTION: dump_mem_map_SPARSEMEM()".
* Allow the user to append data to the CFLAGS and LDFLAGS variables in the
top-level Makefile. The extra data should be put in files named
"CFLAGS.extra" and "LDFLAGS.extra" in the top-level directory; if either
or both files exist, the extra data within them will be appended to the
relevant variable. Typically the LDFLAGS.extra file will contain
"-l<library>" strings, and the CFLAGS.extra file will contain "-D<value>"
strings. This will allow the crash utility to be built with optional
libraries, and the code that references them to be encapsulated with
associated "#ifdef <value>" sections. The extra CFLAGS data will also be
passed to extension modules that are built within the local
"crash-<version>/extensions" subdirectory.
* The LDFLAGS setting in the Makefile can no longer be modified by hand. It
will be automatically configured by the "configure -b" option, based upon
the contents of the optional "LDFLAGS.extra" file.
* Fix for the "runq" command to display the runnable tasks that are
contained within a cgroup's task-group scheduling entity. Without the
patch, only scheduling entities that are individual tasks get displayed,
and runnable tasks in task-group scheduling entities get skipped.
* Fix for the SIAL extension module when repeatedly loading and unloading a
sial script when a full pathname is specified for the script. Without the
patch, the 4th unload attempt generates a segmentation violation.
* Fix for the SIAL extension module to register the help and usage functions
for a command only when loading a script.
crash (6.0.0-1) unstable; urgency=low
* New upstream version 6.0.0
* Depend on binutils (close: #645124)
* Updated the embedded gdb version to FSF gdb-7.3.1. This change is
required for kernels built with gcc-4.6.1, which now defaults to using
-gdwarf-4. When using prior versions of crash on such a vmlinux file, it
fails immediately with the message "Dwarf Error: wrong version in
compilation unit header (is 4, should be 2) [in module vmlinux]" followed
by "crash: vmlinux: no debugging data available". (anderson at redhat.com)
* Incremental patch for the SADUMP dumpfile support that was introduced in
crash-5.1.8. The patchset fixes minor bugs, cleans up the sadump module,
addresses the issue of gathering the first 640KB backup from a
kdump-enabled kernel, prepares for makedumpfile's support of the SADUMP
format, and has "bt" display the stored register set when the compressed
kdump was generated from an SADUMP dumpfile. (d.hatayama at jp.fujitsu.com)
* Fix for the "gdb" command, or any command that resolves to a gdb command,
to allow redirection to a pipe or file. This addresses a regression that
was introduced by an unrelated "gdb" command fix in crash-5.1.4 that
prevented the stripping of quotation marks from the input line. Without
the patch, redirection of a "gdb" command to a pipe or file fails with the
error message "gdb: gdb request failed:
<original-command-line-including-redirection>". (anderson at redhat.com)
* Fix for live system analysis of 32-bit PPC kernels. Without the patch,
the session would fail after displaying the error message: WARNING:
machine type mismatch: crash utility: PPC vmlinux: (unknown)
(nakayama.ts at ncos.nec.co.jp)
* Fix to allow vmalloc memory access on 32-bit PPC kernels. Without the
patch, the warning message "WARNING: cannot access vmalloc'd module
memory" would be displayed during invocation, and kernel virtual memory
that was vmalloc'd could not be accessed. (nakayama.ts at ncos.nec.co.jp)
* Fix to correctly gather task addresses from 32-bit PPC kernels. Without
the patch, during invocation a stream of error messages indicating "crash:
invalid task address in pid_hash: <address>" would be displayed.
(nakayama.ts at ncos.nec.co.jp)
* Fix for the "bt" command in 32-bit PPC kernels. Without the patch, the
"bt" command would generate a segmentation violation.
(nakayama.ts at ncos.nec.co.jp)
crash (5.1.9-1) unstable; urgency=low
* New upstream version 5.1.9
* Fixed the compressed kdump panic task determination function to use the
kernel's "crashing_cpu" symbol if it exists. Without the patch, the
function returned 0 because it was using diskdump-specific header
variables that are always set to zero in compressed kdump dumpfiles; the
panic task was then found by searching the kernel stacks of all of the
active tasks. (anderson at redhat.com)
* Fix for the potential of false-positive warning messages during the
initialization of s390x zdump dumpfiles that would indicate either
"WARNING: multiple active tasks have called die and/or panic" and/or
"WARNING: multiple active tasks have called die".
(holzheu at linux.vnet.ibm.com)
* Removal of superfluous code for gathering registers from the ELF header in
the ARM get_netdump_regs_arm() function. (per.fransson.ml at gmail.com)
* Additional fixes for the ARM architecture gdb-7.0/bfd/elf32-arm.c and
gdb-7.0/bfd/cpu-arm.c files to handle gcc-4.6 compiler failures. Without
the patch, gcc-4.6 generates "error: variable ‘<variable>’ set but not
used [-Werror=unused-but-set-variable]" fatal errors when the (default)
-Werror flag is used. Previous gcc versions considered local variables
were simply set to some value to be "used", but that is no longer the
case. (anderson at redhat.com)
* Added new "dis -[xd]" options, which override the current default output
format with hexadecimal or decimal format for just the command instance.
Without the patch, it would require changing the default output format
with "hex" or "dec" prior to executing "dis". (anderson at redhat.com)
* Added new "task -[xd]" options, which override the current default output
format with hexadecimal or decimal format for just the command instance.
Without the patch, it would require changing the default output format
with "hex" or "dec" prior to executing "task". The new flags may be used
with "foreach task" as well. (anderson at redhat.com)
* Prevent the "struct -[xd]", "union -[xd]", and "p -[xd]" commands from
allowing both options being entered on the command line.
(anderson at redhat.com)
* Fixes to top-level crash source files filesys.c, memory.c, netdump.c,
sadump.c, symbols.c, x86.c and lkcd_x86_trace.c to allow them to be
compiled cleanly with gcc-4.6. Without the patch, gcc-4.6 generates fatal
errors indicating "error: variable ‘<variable>’ set but not used
[-Werror=unused-but-set-variable]" when building crash with "make Warn",
or generates similar warning messages when building with "make warn".
This has been tested only on x86, x86_64 and ARM; the other architectures
may still generate errors/warnings when compiling their machine-specific
files with gcc-4.6. (anderson at redhat.com)
* Fix for the "irq" command on 2.6.39 and later kernels. Without the patch,
the command fails with the message "irq: invalid structure member offset:
irq_desc_t_status". (anderson at redhat.com)
* Fix for the SIAL extension module that solves the problem of getting
access to integer variables. (makc at gmx.co.uk)
* Fix for compiler warnings when building the extensions/sial.so extension
module with recent versions of /usr/bin/ld. Without the patch, two
warning messages are displayed: "/usr/bin/ld: Warning: alignment 4 of
symbol 'sialppdebug' in /tmp/ccYSzE2s.o is smaller than 16 in
libsial/libsial.a(sialpp.tab.o)" and "/usr/bin/ld: Warning: alignment 4 of
symbol 'sialdebug' in /tmp/ccYSzE2s.o is smaller than 16 in
libsial/libsial.a(sial.tab.o)". (maxc at gmx.co.uk)
* If the stack pointer found in the register set stored in the ELF header of
a compressed kdump dumpfile, a KVM dumpfile, or an SADUMP dumpfile is
either NULL or cannot be accessed, the register set will be dumped after
the error message. Without the patch, only the error message was
displayed. (anderson at redhat.com)
* Preparation of the top-level crash sources for more efficient updates of
the embedded gdb version. The changes should be invisible other than the
fact that all top-level source files will now be compiled with the
-DGDB_xxx flag, because the gdb-defined TYPE_CODE_xxx values that are
exported in defs.h changed in more recent gdb versions.
(anderson at redhat.com)
* Fixes for potential segmentation violations during the panic task search
phase of session initialization from a version 4 or later x86_64
compressed kdump, in which the number of ELF NT_PRSTATUS notes in the
dumpfile does not match the number of cpus running when the system
crashed. (Joe.Lawrence at stratus.com, anderson at redhat.com)
* Created an exported set_tmpfile2() function that allows the caller to pass
in their own FILE pointer of an open file that only exists during the
execution of a command. It will afford the recursive-use protection of
open_tmpfile2() plus the automatic closure of the file if the command
fails prior to completion or if the user forgets to close it with
close_tmpfile2(). (anderson at redhat.com)
* Created a new "rd -r <outputfile>" option that copies raw data from memory
to an output file. It can be invoked in either of two possible manners:
crash> rd -r <outputfile> <address> <count>
crash> rd -r <outputfile> <address> -e <ending-address>
The <count> value is always a byte count with this option.
(adrian.wenl at gmail.com, anderson at redhat.com)
* Fix for the ARM "bt" command to store the correct value of the fp register
of active tasks. Without the patch, in rare circumstances, the output may
show an empty backtrace. (per.xx.fransson at stericsson.com)
* Fix to prevent a harmless warning message when /proc/kallsyms is used as a
mapfile argument. Without the patch, during initialization, the message
"crash: /proc/kallsyms: lseek: Invalid argument" is displayed. If a
regular file copy of /proc/kallsyms is used, the message is not displayed.
(anderson at redhat.com)
* Fix for running against live x86 kernels that have been relocated by the
Intel Trusted Boot or "tboot" facility. Without the patch, a live crash
session fails during invocation with the error message "crash: vmlinux and
/dev/mem do not match!" (or "/dev/crash" if applicable). As a
work-around, "/proc/kallsyms" can be entered on the command line, or the
"--reloc=<size>" option can be used, but this fix obviates that
requirement for live systems. (anderson at redhat.com)
* Fix for the unlikely event where makedumpfile-generated s390/s390x
compressed kdumps do not have a CPU count in the dumpfile header. This
can happen when older s390 dump tools are used to create a dump that do
not write the CPU information into the s390 dump header. Without the
patch, the warning message "crash: compressed kdump: invalid nr_cpus: 0"
is displayed, the dumpfile is not recognized as a compressed kdump, and
the session fails. Since s390/s390x have a fallback function that gets
the CPU register information out of memory, the same warning message will
be displayed, but the dumpfile will still be recognized as a compressed
kdump. (holzheu at linux.vnet.ibm.com)
* Fix for the "net -s" command on 2.6.38 and later kernels. Without the
patch, the command fails with the error message "net: invalid structure
member offset: inet_opt_daddr". (bob.montgomery at hp.com,
anderson at redhat.com)
crash (5.1.8-1) unstable; urgency=low
* Added explicit build-dep for dpkg-dev (>= 1.16.1) to resolve the "set but
unused" errors.
* New upstream version 5.1.8
* Fixes for gdb-7.0 ppc64/ppc-specific files to handle gcc-4.6 compiler
failures. Without the patch, gcc-4.6 generates "error: variable
‘<variable>’ set but not used [-Werror=unused-but-set-variable]" fatal
errors when the (default) -Werror flag is used. Previous gcc versions
considered local variables were simply set to some value to
* Add support for the "bt" command to recognize the new s390x
"restart_stack" used by the PSW restart interrupt in 3.0.1 and later
kernels.
* Enhancement to the s390x "bt" command to display the register contents of
the pt_regs structure for interrupts, instead of just printing the string
"- Interrupt -". The pt_regs structure contains all of the current
registers and PSW of the interrupted CPU.
* Removed the "files -l" option, which does not support 2.6 or later
kernels, and because it requires structure offset data that can only be
determined if the "lockd" and "nfsd" modules have been built into the
kernel. Given the kernel module dependencies, the command is more
suitable as an extension module, if anyone cares to carry on its legacy.
* Fix for the "ps" command to disallow the mutually-exclusive "-u" and "-k"
options from being entered together. Without the patch, whichever of the
two options was entered last was acted upon. Also, the help page was
clarified by separating the three process identifier formats from the
"-u", "-k" and "-G" qualifiers.
* Fix for the "ps" command to disallow the mutually-exclusive "-a", "-t",
"-c", "-p", "-g", "-l" and "-r" options from being entered together.
Without the patch, whichever of the seven options that was entered last
was acted upon.
* Added new "struct -[xd]" and "union -[xd]" options, which override the
current default output format with hexadecimal or decimal format for just
the command instance. The "-o" member offset values and the structure
size value are also controlled by the new options. Without the patch, it
would require changing the default output format with "hex" or "dec" prior
to executing the "struct" or "union" command.
* Fix for the "fuser" command, which may occasionally precede its output
with the message "WARNING: FILE_NRHASH has changed from 32" on 2.6.19 and
later kernels. The message is harmless.
* Exported new set_temporary_radix() and restore_current_radix() functions,
which are used to temporarily override the current output radix setting.
* Fixes for ARM gdb-7.0/bfd/elf32-arm.c file to handle gcc-4.6 compiler
failures. Without the patch, gcc-4.6 generates "error: variable
‘<variable>’ set but not used [-Werror=unused-but-set-variable]" fatal
errors when the (default) -Werror flag is used. Previous gcc versions
considered local variables were simply set to some value to be "used", but
that is no longer the case.
* Cosmetic fix for command-failure "Usage" messages to prevent the output
from exceeding 80 columns.
* Implemented a new "struct -p" option which can be used to dereference
pointer members and display the target data. The option can be used with
the struct_name.member[,member] format, or if not, all pointers in the
structure will be dereferenced. If the member is a pointer, the member's
data type will be prepended to the member name when displaying the target
address; on the subsequent line(s) the target's symbol name will be
displayed in brackets if appropriate, and if possible, the target data
will be displayed.
* Implemented support for "SADUMP" dumpfiles, which are created by the
Fujitsu Stand Alone Dump facility. The dump-creation mechanism is based
in hardware-specific firmware, generating a dumpfile in three different
formats: sadump dump device (single partition), sadump dump device (disk
set), and archive file formats. The crash utility recognizes all three
formats.
* Fix for the "bt" command to display Control registers 8-15 (s390x and
s390) and floating point registers 8-15 (s390x only) correctly. Without
the patch, the register content was copied from the wrong location of the
save area, and the wrong register values were displayed for the active
tasks.
* Fix for 2.6.34 ppc64 kernels, which were changed to dynamically allocate
the paca structure, and changed the data type of "paca" symbol from array
to a paca_struct pointer.
* Fix for 2.6.36 and later ppc64 kernels, which overwrite the paca pointer
variable to point to a static paca during a crash sequence just prior to
the kexec of the secondary kernel, which contains a
paca_struct.data_offset value that is valid only for crashing cpu.
However, the kernel change also re-introduced the __per_cpu_offset array,
which had been removed in 2.6.15, which will be used as an alternative to
the per-cpu paca_struct.
* The new version of makedumpfile, 1.4.0, contains a facility that allows a
user to filter out kernel data (e.g., security keys, confidential/secret
information, etc.) from a vmcore. The data that is filtered out is
poisoned with character 'X' (0x58). A filtered ELF kdump vmcore now
contains a new "ERASEINFO" ELF note section that contains the filter data
strings used by makedumpfile. A filtered compressed kdump has a header
version number 5, and contains new offset_eraseinfo and size_eraseinfo
members in its sub-header that point to a copy of the filter data strings.
In most cases, the erased kernel data will be inconsequential to the crash
session, but it is certainly possible that the removal of crucial kernel
data that the crash utility needs may cause the crash session to fail,
cause individual commands to fail, or result in other unpredictable
runtime behaviour. This patch detects whether kernel data has been erased
from the dumpfile, and if so, displays an early warning message alerting
the user. The "help -n" command displays the filter data strings that
were used by makedumpfile.
crash (5.1.7-4) unstable; urgency=low
* Stop erroring on the set-but-unused messages (close: #643719)
crash (5.1.7-3) unstable; urgency=low
* Fix the fix for the "set but unused" patch for ppc (closes: #639067)
crash (5.1.7-2) unstable; urgency=low
* Fixed "set but unused" errors on PPC causing a FTBS.
crash (5.1.7-1) unstable; urgency=low
* New upstream version 5.1.7
* Fix for the x86_64 "bt" command in the highly-unlikely event that a
non-crashing CPU receives a NMI immediately after receiving an interrupt
from another source in a 2.6.29 and later kernel. In those kernels, the
IRQ entry-point symbols "IRQ0x00_interrupt" through "IRQ0x##_interrupt" no
longer exist, but the entry points exist as memory locations starting at
the symbol "irq_entries_start". Without the patch, if a shutdown NMI
interrupt gets received while in one of the entry point stubs, "bt" will
fail with the error message "bt: cannot transition from exception stack to
current process stack".
* The x86 and x86_64 "bt -e" and "bt -E" commands will display symbolic
translations of kernel-mode exception RIP values.
* Clarified two initialization-time CRASHDEBUG(1) messages to make it
obvious that the two linux_banner strings being compared originate from
the memory source or the kernel namelist file.
* Fix for the x86 "bt" command to handle cases where the shutdown NMI was
received when a task had just completed an exception, interrupt, or signal
handler, and was about to return to user-space. Without the patch, the
backtrace would be proceeded with the error message "bt: cannot resolve
stack trace", display the trace without the kernel-entry exception frame,
and then dump the text symbols found on the stack and all possible
exception frames.
* Fix for 2.6.33 and later kernels that are not configured CONFIG_SMP.
Without the patch, they fail during initialization with the error message
"crash: invalid structure member offset: module_percpu".
* Prepare for the imminent change in size of the vm_flags member of the
vm_area_struct to be 64-bits in size for all architectures now that 32
bits have been consumed. The crash utility code had been handling the
older change of the vm_flags member from a short to a long, but that would
not account for the future change to a 64-bit member on 32-bit
architectures.
* Update of the "vm -f <flags>" option to the current upstream state.
Without the patch, only 23 of the currently-existing 32 bit flags were
being translated. (anderson at redhat.com)
* Fix for the "kmem -s", "kmem -S", "kmem -s <address>" and "kmem <address>"
command options if none of the NUMA nodes in a multi-node CONFIG_SLAB
system have a node ID of 0. Without the patch, "kmem -s" and "kmem -S"
show all slab caches as if they contain no slabs; if an <address> is
specified, the correct slab cache is found, but the command indicates
"kmem: <slab-cache-name>: address not found in cache: <address>".
* Cosmetic fix for the "kmem -[sS]" options if a CONFIG_SLAB kernel slab
cache contains 100000 or more slabs, or uses a slab size of 1 or more
megabytes. Without the patch, the output utilizes more than 80 columns.
* If a task was in user-space when a crash occurred, the user-space
registers are saved in per-cpu NT_PRSTATUS ELF notes in either version 4
compressed kdump headers, or in dumpfile headers created by the Fujitsu
"sadump" facility. In that case, the "bt" command will dump the x86 or
x86_64 user-space register set.
* Fix for the x86 "bt" command to handle cases where the shutdown NMI was
received when a task had just received an interrupt, but before it had
created a full exception frame on the kernel stack and called the
interrupt handler. Without the patch, the backtrace would be proceeded
with the error message "bt: cannot resolve stack trace", display the trace
without the kernel-entry exception frame, and then dump the text symbols
found on the stack and all possible exception frames.
* Fix for the x86 "bt" command to handle cases where the shutdown NMI was
received when a task was in the act of being switched to. Without the
patch, the backtrace would be proceeded with the error message "bt: cannot
resolve stack trace", display the trace without the kernel-entry exception
frame, and then dump the text symbols found on the stack and all possible
exception frames.
-- Stefan Bader <stefan.bader at canonical.com> Thu, 25 Oct 2012 16:29:52 +0200
** Changed in: crash (Ubuntu)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-3509
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1064475
Title:
crash version is outdated. Needs to import Debian version of the
package
Status in “crash” package in Ubuntu:
Fix Released
Status in “crash” source package in Precise:
Triaged
Status in “crash” source package in Quantal:
Triaged
Bug description:
Sid's version of crash is at 6.0.6 and upstream is at 6.1.0. Ubuntu
version should at least follow Sid's version
SRU Justification (for Quantal and Precise):
Impact: With the current crash utility in Quantal (and Precise) it is
impossible to look at dumps from recent kernels (3.5+). So Quantal
cannot be used to examine dumps created in Quantal and with the
rolling backport kernels we will have the same problem in Precise
(12.04.2). Beside that it should be possible to use the latest LTS to
work on newer dumps (IMO). Another feature of this latest release is
the ability to work on dumps of PV guests produced by Xen.
Fix: Instead of trying to pick individual patches it is much simpler
to push the 6.1.0 release back into older releases. It was
compiled and tested in Precise at least while working on bug reports
that involved dumps and required a recent version of crash.
Testcase:
- Load and examine a dump produced from a 3.5+ kernel
- Load and examine a dump of a PV Xen guest.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/crash/+bug/1064475/+subscriptions
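
The 5.1.8-1 changelog entry above says a makedumpfile-filtered ELF kdump vmcore carries an "ERASEINFO" ELF note holding the filter strings. The following is an added example, not code from crash, makedumpfile or this bug report, that checks an ELF64 little-endian vmcore for that note before the dump is shared or analysed. The note type, the newline-separated descriptor layout and the sample filter text are assumptions made for the constructed input; compressed kdumps (header version 5) are not covered.

```python
import struct

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")   # ELF64 little-endian file header (64 bytes)
PHDR = struct.Struct("<IIQQQQQQ")           # ELF64 program header (56 bytes)
NHDR = struct.Struct("<III")                # note header: namesz, descsz, type
PT_NOTE = 4

def pad4(n):
    return (n + 3) & ~3   # note name and descriptor are 4-byte aligned

def iter_notes(data):
    """Yield (name, type, desc) for each note in each PT_NOTE segment."""
    if data[:4] != b"\x7fELF" or data[4:6] != b"\x02\x01":
        raise ValueError("not an ELF64 little-endian file")
    hdr = EHDR.unpack_from(data, 0)
    phoff, phentsize, phnum = hdr[5], hdr[9], hdr[10]
    for i in range(phnum):
        p_type, _, off, _, _, filesz, _, _ = PHDR.unpack_from(data, phoff + i * phentsize)
        if p_type != PT_NOTE:
            continue
        pos, end = off, min(off + filesz, len(data))
        while pos + NHDR.size <= end:
            namesz, descsz, ntype = NHDR.unpack_from(data, pos)
            desc_at = pos + NHDR.size + pad4(namesz)
            if desc_at + descsz > end:
                break  # truncated note: stop instead of reading past the segment
            name = data[pos + NHDR.size:desc_at].rstrip(b"\0").decode("ascii", "replace")
            yield name, ntype, data[desc_at:desc_at + descsz]
            pos = desc_at + pad4(descsz)

def erase_filters(data):
    """Return the ERASEINFO filter strings, or None when the note is absent."""
    for name, _, desc in iter_notes(data):
        if name == "ERASEINFO":
            return desc.decode("ascii", "replace").splitlines()
    return None

def build_sample(notes):
    """Constructed input: minimal ELF64 core file with one PT_NOTE segment."""
    blob = b""
    for name, ntype, desc in notes:
        n = name.encode() + b"\0"
        blob += NHDR.pack(len(n), len(desc), ntype) + n.ljust(pad4(len(n)), b"\0")
        blob += desc.ljust(pad4(len(desc)), b"\0")
    ehdr = EHDR.pack(b"\x7fELF\x02\x01\x01" + bytes(9), 4, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    return ehdr + PHDR.pack(PT_NOTE, 0, 120, 0, 0, len(blob), 0, 0) + blob

# Constructed samples; the filter string is placeholder text, not real makedumpfile output.
FILTERED = build_sample([("CORE", 1, bytes(8)), ("ERASEINFO", 0, b"erase example_key size 16\n")])
PLAIN = build_sample([("CORE", 1, bytes(8))])
```

A `None` result only means no ERASEINFO note was found; it does not show that the dump is free of sensitive kernel data.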