1:52 p.m.
While running crash on KASLR enabled live arm64 kernels I noticed
that the crash would fail after printing the following error messages
if it cannot find vmlinux for the boot'ed system:
crash: invalid kernel virtual address: 8470 type: "possible"
WARNING: cannot read cpu_possible_map
crash: invalid kernel virtual address: 8270 type: "present"
WARNING: cannot read cpu_present_map
crash: invalid kernel virtual address: 8070 type: "online"
WARNING: cannot read cpu_online_map
crash: invalid kernel virtual address: 8670 type: "active"
WARNING: cannot read cpu_active_map
crash: cannot resolve "_stext"
Since vmlinux is not available at the standard expected location, i.e
'/usr/lib/debug/lib/modules/<kernel-version>' directory, so
_stext_vmlinux stays UNINITIALIZED inside 'derive_kaslr_offset()'
and 'relocate' becomes 0.
Later-on this can lead to 'cannot resolve "_stext"' error in
'symbol_value()' function.
We can go ahead and fix the same, but ideally since we are running
on a live system, we should be finding the vmlinux at the standard
location, otherwise we should do proper error handling.
So this patch errors out earlier, if we don't find a valid value for
'_stext_vmlinux' and prompts the user to refer to the 'usage'
banner.
Signed-off-by: Bhupesh Sharma <bhsharma(a)redhat.com>
---
symbols.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/symbols.c b/symbols.c
index 4db9af7bf044..30669950635d 100644
--- a/symbols.c
+++ b/symbols.c
@@ -663,6 +663,24 @@ derive_kaslr_offset(bfd *abfd, int dynamic, bfd_byte *start, bfd_byte
*end,
return;
}
+ /* For KASLR enabled live kernels, if vmlinux is not available
+ * at the standard expected location, i.e
+ * '/usr/lib/debug/lib/modules/<kernel-version>' directory,
+ * then _stext_vmlinux will be set to NULL or UNINITIALIZED.
+ *
+ * Later-on this may lead to "_stext" symbol not being resolved
+ * properly (which may lead to an ambiguous error message).
+ *
+ * So, error out earlier here itself, in case _stext_vmlinux
+ * is NULL or UNINITIALIZED.
+ */
+ if (!st->_stext_vmlinux || (st->_stext_vmlinux == UNINITIALIZED)) {
+ error(INFO, "_stext not found in vmlinux :\n"
+ " if running a live system -- please provide a suitable vmlinux,\n"
+ " otherwise -- please enter namelist argument.\n");
+ program_usage(SHORT_FORM);
+ }
+
/*
* To avoid mistaking an mismatched kernel version with
* a kaslr offset, we make sure that the offset is
--
2.7.4
2:11 p.m.
Hi Bhupesh,
I'm confused. If the vmlinux cannot be found, then the crash session should
bail out after printing the standard error message in find_booted_kernel():
error(INFO,
"cannot find booted kernel -- please enter namelist
argument\n\n");
If derive_kaslr_offset() is called, then it must have gotten past find_booted_kernel()
with a vmlinux file. What am I missing?
Dave
----- Original Message -----
While running crash on KASLR enabled live arm64 kernels I noticed
that the crash would fail after printing the following error messages
if it cannot find vmlinux for the boot'ed system:
crash: invalid kernel virtual address: 8470 type: "possible"
WARNING: cannot read cpu_possible_map
crash: invalid kernel virtual address: 8270 type: "present"
WARNING: cannot read cpu_present_map
crash: invalid kernel virtual address: 8070 type: "online"
WARNING: cannot read cpu_online_map
crash: invalid kernel virtual address: 8670 type: "active"
WARNING: cannot read cpu_active_map
crash: cannot resolve "_stext"
Since vmlinux is not available at the standard expected location, i.e
'/usr/lib/debug/lib/modules/<kernel-version>' directory, so
_stext_vmlinux stays UNINITIALIZED inside 'derive_kaslr_offset()'
and 'relocate' becomes 0.
Later-on this can lead to 'cannot resolve "_stext"' error in
'symbol_value()' function.
We can go ahead and fix the same, but ideally since we are running
on a live system, we should be finding the vmlinux at the standard
location, otherwise we should do proper error handling.
So this patch errors out earlier, if we don't find a valid value for
'_stext_vmlinux' and prompts the user to refer to the 'usage'
banner.
Signed-off-by: Bhupesh Sharma <bhsharma(a)redhat.com>
---
symbols.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/symbols.c b/symbols.c
index 4db9af7bf044..30669950635d 100644
--- a/symbols.c
+++ b/symbols.c
@@ -663,6 +663,24 @@ derive_kaslr_offset(bfd *abfd, int dynamic, bfd_byte
*start, bfd_byte *end,
return;
}
+ /* For KASLR enabled live kernels, if vmlinux is not available
+ * at the standard expected location, i.e
+ * '/usr/lib/debug/lib/modules/<kernel-version>' directory,
+ * then _stext_vmlinux will be set to NULL or UNINITIALIZED.
+ *
+ * Later-on this may lead to "_stext" symbol not being resolved
+ * properly (which may lead to an ambiguous error message).
+ *
+ * So, error out earlier here itself, in case _stext_vmlinux
+ * is NULL or UNINITIALIZED.
+ */
+ if (!st->_stext_vmlinux || (st->_stext_vmlinux == UNINITIALIZED)) {
+ error(INFO, "_stext not found in vmlinux :\n"
+ " if running a live system -- please provide a suitable vmlinux,\n"
+ " otherwise -- please enter namelist argument.\n");
+ program_usage(SHORT_FORM);
+ }
+
/*
* To avoid mistaking an mismatched kernel version with
* a kaslr offset, we make sure that the offset is
--
2.7.4
4:05 p.m.
Hi Dave,
On Tue, Feb 27, 2018 at 1:41 AM, Dave Anderson <anderson(a)redhat.com> wrote:
Hi Bhupesh,
I'm confused. If the vmlinux cannot be found, then the crash session should
bail out after printing the standard error message in find_booted_kernel():
error(INFO,
"cannot find booted kernel -- please enter namelist
argument\n\n");
If derive_kaslr_offset() is called, then it must have gotten past find_booted_kernel()
with a vmlinux file. What am I missing?
Thanks for pointing this out. You are right. I was missing a special
use case in 'find_booted_kernel'.
I will send another patch specifically to cover that case.
Meanwhile, let me self-NAK this patch.
Regards,
Bhupesh
----- Original Message -----
> While running crash on KASLR enabled live arm64 kernels I noticed
> that the crash would fail after printing the following error messages
> if it cannot find vmlinux for the boot'ed system:
>
> crash: invalid kernel virtual address: 8470 type: "possible"
> WARNING: cannot read cpu_possible_map
> crash: invalid kernel virtual address: 8270 type: "present"
> WARNING: cannot read cpu_present_map
> crash: invalid kernel virtual address: 8070 type: "online"
> WARNING: cannot read cpu_online_map
> crash: invalid kernel virtual address: 8670 type: "active"
> WARNING: cannot read cpu_active_map
>
> crash: cannot resolve "_stext"
>
> Since vmlinux is not available at the standard expected location, i.e
> '/usr/lib/debug/lib/modules/<kernel-version>' directory, so
> _stext_vmlinux stays UNINITIALIZED inside 'derive_kaslr_offset()'
> and 'relocate' becomes 0.
>
> Later-on this can lead to 'cannot resolve "_stext"' error in
> 'symbol_value()' function.
>
> We can go ahead and fix the same, but ideally since we are running
> on a live system, we should be finding the vmlinux at the standard
> location, otherwise we should do proper error handling.
>
> So this patch errors out earlier, if we don't find a valid value for
> '_stext_vmlinux' and prompts the user to refer to the 'usage'
> banner.
>
> Signed-off-by: Bhupesh Sharma <bhsharma(a)redhat.com>
> ---
> symbols.c | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
> diff --git a/symbols.c b/symbols.c
> index 4db9af7bf044..30669950635d 100644
> --- a/symbols.c
> +++ b/symbols.c
> @@ -663,6 +663,24 @@ derive_kaslr_offset(bfd *abfd, int dynamic, bfd_byte
> *start, bfd_byte *end,
> return;
> }
>
> + /* For KASLR enabled live kernels, if vmlinux is not available
> + * at the standard expected location, i.e
> + * '/usr/lib/debug/lib/modules/<kernel-version>' directory,
> + * then _stext_vmlinux will be set to NULL or UNINITIALIZED.
> + *
> + * Later-on this may lead to "_stext" symbol not being resolved
> + * properly (which may lead to an ambiguous error message).
> + *
> + * So, error out earlier here itself, in case _stext_vmlinux
> + * is NULL or UNINITIALIZED.
> + */
> + if (!st->_stext_vmlinux || (st->_stext_vmlinux == UNINITIALIZED)) {
> + error(INFO, "_stext not found in vmlinux :\n"
> + " if running a live system -- please provide a suitable
vmlinux,\n"
> + " otherwise -- please enter namelist argument.\n");
> + program_usage(SHORT_FORM);
> + }
> +
> /*
> * To avoid mistaking an mismatched kernel version with
> * a kaslr offset, we make sure that the offset is
> --
> 2.7.4
>
>
2455
days inactive
2456
days old
devel@lists.crash-utility.osci.io
2 comments
2 participants
participants (2)
-
Bhupesh Sharma -
Dave Anderson