Crash-utility December 2011

devel@lists.crash-utility.osci.io

12 participants
14 discussions

Patching more pseudo section symbols from layouts

by Toshikazu Nakayama

Hello Dave, I add more pseudo section symbols which do not own any named symbol like ffffffffa004ccf0 [.rodata.str1.1]: section start ffffffffa004d14a [.rodata.str1.1]: section end crash> rd ffffffffa004ccf0 -e ffffffffa004d14a This can access section data without symbol. This patch set way is learned from kernel/module.c layout_sections() and probably be possible to integrate existing calculate_load_order_v1/2() or add_symbol_file_kallsyms(). However, I can not confirm many kernel versions or architecrures, thus my choice is verifying and updating to installed sections. P.S. I want to make feature in http://grsecurity.net/ PaX linux in crash utility. The PaX patch changes module location by separating non contiguous RX/RW areas which makes virtual address hole in module, also translates virtual address. I tried but crash can not work out yet under PaX linux. I'm resolving them with brief/rough way and useful parts are merged into crash code, and then posting here. If you can accept such a non mainline kernel feature in crash utility, I would like to keep posting patch set until my whole work has done. Thanks, Toshi

13 years, 3 months

2
5
0 / 0

[PATCH] task, fix: active_set[NR_CPUS-1] could wrongly be chosen as panic task

by HATAYAMA Daisuke

Hello Dave, I found this when investigating how crash determines panic task. Honestly I don't have vmcore reproducing this bug but which could happen when there're 4096 online CPUS. Thanks. HATAYAMA, Daisuke

13 years, 4 months

2
1
0 / 0

Remote processing of core dump

by Vasily Averin

Hi Dave, could you please advise is it possible to process core dump remotely? Currently for investigation of kernel crashes on customer nodes I need either download coredump to local node or upload debug symbols to remote node. This may not be quite convenient for various reasons. Is it possible to use gdbserver-like functionality with crash? IMHO it would be great to start crash utility locally, with debug symbols but without core dump file, and then connect to gdbserver on remote node attached to core dump file. Thank you, Vasily Averin

13 years, 4 months

2
1
0 / 0

Pseudo symbol for found out module sections

by Toshikazu Nakayama

Hello Dave, I add helper pseudo symbol about found out module sections. They can be looked see by "sym -m <module name>" after module object file has been loaded. I think the visual effects of section layout or grouping are useful information for symbols. Thanks, Toshi --- crash> mod -s blowfish crash> sym -m blowfish ffffffffa0134000 MODULE START: blowfish ffffffffa0134000 [.text]: section start ffffffffa0134000 (t) encrypt_block ffffffffa0134434 (t) bf_encrypt ffffffffa0134470 (t) bf_decrypt ffffffffa01348ae (t) bf_setkey ffffffffa0134a10 [.text]: section end ffffffffa0134a10 [.exit.text]: section start ffffffffa0134a10 (T) cleanup_module ffffffffa0134a10 (t) fini ffffffffa0134a25 [.exit.text]: section end ffffffffa0134a40 [.rodata]: section start ffffffffa0134a40 (r) bf_pbox ffffffffa0134aa0 (r) bf_sbox ffffffffa0135aa0 [.rodata]: section end ffffffffa01361a0 [.data]: section start ffffffffa01361a0 (d) alg ffffffffa0136230 [.data]: section end ffffffffa0136280 [.gnu.linkonce.this_module]: section start ffffffffa0136280 (D) __this_module ffffffffa0136800 [.gnu.linkonce.this_module]: section end ffffffffa0136800 MODULE END: blowfish crash>

13 years, 4 months

2
1
0 / 0

← Newer
1
2
Older →

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Crash-utility December 2011