8:16 a.m.
Hello,
I have a couple dumps generated on Ubuntu Trusty LTS (3.13.0-39-generic
kernel) which crash fails on.
$ ./crash ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../dump.201412280256
crash 7.0.9
Copyright (C) 2002-2014 Red Hat, Inc.
Copyright (C) 2004, 2005, 2006, 2010 IBM Corporation
Copyright (C) 1999-2006 Hewlett-Packard Co
Copyright (C) 2005, 2006, 2011, 2012 Fujitsu Limited
Copyright (C) 2006, 2007 VA Linux Systems Japan K.K.
Copyright (C) 2005, 2011 NEC Corporation
Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc.
Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
This program is free software, covered by the GNU General Public License,
and you are welcome to change it and/or distribute copies of it under
certain conditions. Enter "help copying" to see the conditions.
This program has absolutely no warranty. Enter "help warranty" for details.
GNU gdb (GDB) 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu"...
crash: cannot determine thread return address
please wait... (gathering kmem slab cache data)
crash: invalid kernel virtual address: 1c type: "kmem_cache
objsize/object_size"
crash: failed to read pageflag_names entry
please wait... (gathering module symbol data)
WARNING: invalid kernel module size: 0
crash: cannot determine idle task addresses from init_tasks[] or runqueues[]
crash: cannot resolve "init_task_union"
vmlinux-3.13.0-39-generic was extracted from Ubuntu ddeb:
$ file ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic: ELF 64-bit LSB
executable, x86-64, version 1 (SYSV), statically linked,
BuildID[sha1]=c4fa631d2cc34a0b2628a5de01a04e81a0667555, not stripped
With -d8 I get:
...
<read_diskdump: addr: ffffffffffffffff paddr: 7fffffff cnt: 1>
read_diskdump: paddr/pfn: 7fffffff/7ffff -> cache physical page: 7ffff000
crash: invalid kernel virtual address: 0 type: "memory section"
The entire -d8 output is attached.
Bogus "base kernel version" stands out immediately and I'm pretty sure
I've seen "0.0.0" in there a couple times with exactly the same dump.
From a quick look, the base kernel version code in kernel.c is not
safe
against kt->utsname.release being all zeroes.
Eddy Gonzalo (CC'ed) can probably provide access to the dumps if
needed.
Thanks,
Ilya
8:21 a.m.
Hello,
Sure, we can provide acces to the dump.
Saludos / Regards,
Eddy Castillon
System Infrastructure Engineer
Axcess Financial | Peru
ecastillon(a)axcess-financial.com
Office: +51 - 6408117 - 2175
Cellphone: 983270761
http://www.axcess-financial.com.pe
----- Original Message -----
From: "Ilya Dryomov" <idryomov(a)redhat.com>
To: crash-utility(a)redhat.com
Cc: "Castillon de la Cruz, Eddy Gonzalo" <ecastillon(a)axcess-financial.com>
Sent: Monday, January 5, 2015 9:16:09 AM
Subject: crash: invalid kernel virtual address: 0 type: "memory section"
Hello,
I have a couple dumps generated on Ubuntu Trusty LTS (3.13.0-39-generic
kernel) which crash fails on.
$ ./crash ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../dump.201412280256
crash 7.0.9
Copyright (C) 2002-2014 Red Hat, Inc.
Copyright (C) 2004, 2005, 2006, 2010 IBM Corporation
Copyright (C) 1999-2006 Hewlett-Packard Co
Copyright (C) 2005, 2006, 2011, 2012 Fujitsu Limited
Copyright (C) 2006, 2007 VA Linux Systems Japan K.K.
Copyright (C) 2005, 2011 NEC Corporation
Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc.
Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
This program is free software, covered by the GNU General Public License,
and you are welcome to change it and/or distribute copies of it under
certain conditions. Enter "help copying" to see the conditions.
This program has absolutely no warranty. Enter "help warranty" for details.
GNU gdb (GDB) 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu"...
crash: cannot determine thread return address
please wait... (gathering kmem slab cache data)
crash: invalid kernel virtual address: 1c type: "kmem_cache
objsize/object_size"
crash: failed to read pageflag_names entry
please wait... (gathering module symbol data)
WARNING: invalid kernel module size: 0
crash: cannot determine idle task addresses from init_tasks[] or runqueues[]
crash: cannot resolve "init_task_union"
vmlinux-3.13.0-39-generic was extracted from Ubuntu ddeb:
$ file ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic: ELF 64-bit LSB
executable, x86-64, version 1 (SYSV), statically linked,
BuildID[sha1]=c4fa631d2cc34a0b2628a5de01a04e81a0667555, not stripped
With -d8 I get:
...
<read_diskdump: addr: ffffffffffffffff paddr: 7fffffff cnt: 1>
read_diskdump: paddr/pfn: 7fffffff/7ffff -> cache physical page: 7ffff000
crash: invalid kernel virtual address: 0 type: "memory section"
The entire -d8 output is attached.
Bogus "base kernel version" stands out immediately and I'm pretty sure
I've seen "0.0.0" in there a couple times with exactly the same dump.
From a quick look, the base kernel version code in kernel.c is not
safe
against kt->utsname.release being all zeroes.
Eddy Gonzalo (CC'ed) can probably provide access to the dumps if
needed.
Thanks,
Ilya
NOTICE: Protect the information in this message in accordance with the company's
security policies. If you received this message in error, immediately notify the sender
and destroy all copies.
9:36 a.m.
New subject: crash: invalid kernel virtual address: 0 type: "memory section"
----- Original Message -----
Hello,
I have a couple dumps generated on Ubuntu Trusty LTS (3.13.0-39-generic
kernel) which crash fails on.
$ ./crash ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../dump.201412280256
crash 7.0.9
Copyright (C) 2002-2014 Red Hat, Inc.
Copyright (C) 2004, 2005, 2006, 2010 IBM Corporation
Copyright (C) 1999-2006 Hewlett-Packard Co
Copyright (C) 2005, 2006, 2011, 2012 Fujitsu Limited
Copyright (C) 2006, 2007 VA Linux Systems Japan K.K.
Copyright (C) 2005, 2011 NEC Corporation
Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc.
Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
This program is free software, covered by the GNU General Public License,
and you are welcome to change it and/or distribute copies of it under
certain conditions. Enter "help copying" to see the conditions.
This program has absolutely no warranty. Enter "help warranty" for details.
GNU gdb (GDB) 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu"...
crash: cannot determine thread return address
please wait... (gathering kmem slab cache data)
crash: invalid kernel virtual address: 1c type: "kmem_cache
objsize/object_size"
crash: failed to read pageflag_names entry
please wait... (gathering module symbol data)
WARNING: invalid kernel module size: 0
crash: cannot determine idle task addresses from init_tasks[] or runqueues[]
crash: cannot resolve "init_task_union"
vmlinux-3.13.0-39-generic was extracted from Ubuntu ddeb:
$ file ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic: ELF 64-bit LSB
executable, x86-64, version 1 (SYSV), statically linked,
BuildID[sha1]=c4fa631d2cc34a0b2628a5de01a04e81a0667555, not stripped
With -d8 I get:
...
<read_diskdump: addr: ffffffffffffffff paddr: 7fffffff cnt: 1>
read_diskdump: paddr/pfn: 7fffffff/7ffff -> cache physical page: 7ffff000
crash: invalid kernel virtual address: 0 type: "memory section"
The entire -d8 output is attached.
Bogus "base kernel version" stands out immediately and I'm pretty sure
I've seen "0.0.0" in there a couple times with exactly the same dump.
>From a quick look, the base kernel version code in kernel.c is not safe
against kt->utsname.release being all zeroes.
Eddy Gonzalo (CC'ed) can probably provide access to the dumps if
needed.
Thanks,
Ilya
The obvious question is: are you sure that the vmlinux matches the dumpfile?
I say that because there are so many strange readings from this dumpfile,
As you noted, yes, this definitely is a mismatch, where the header shows
sysname: Linux
nodename: chqcephnas01
release: 3.13.0-39-generic
version: #66~precise1-Ubuntu SMP Wed Oct 29 09:56:49 UTC 2014
machine: x86_64
but this gets read from the dumpfile:
<readmem: ffffffff81c15284, KVADDR, "init_uts_ns", 390, (ROE), cfa7bc>
<read_diskdump: addr: ffffffff81c15284 paddr: 1c15284 cnt: 390>
read_diskdump: paddr/pfn: 1c15284/1c15 -> cache physical page: 1c15000
base kernel version: 0.13.0
And one of the first set of items accessed, are the contents of the cpu mask variables:
<readmem: ffffffff8180acf0, KVADDR, "cpu_possible_mask", 8, (FOE),
7fff5ab8b618>
<read_diskdump: addr: ffffffff8180acf0 paddr: 180acf0 cnt: 8>
read_diskdump: paddr/pfn: 180acf0/180a -> cache physical page: 180a000
<readmem: ffffffff8180ace0, KVADDR, "cpu_present_mask", 8, (FOE),
7fff5ab8b618>
<read_diskdump: addr: ffffffff8180ace0 paddr: 180ace0 cnt: 8>
read_diskdump: paddr/pfn: 180ace0/180a -> physical page is cached: 180a000
<readmem: ffffffff8180ace8, KVADDR, "cpu_online_mask", 8, (FOE),
7fff5ab8b618>
<read_diskdump: addr: ffffffff8180ace8 paddr: 180ace8 cnt: 8>
read_diskdump: paddr/pfn: 180ace8/180a -> physical page is cached: 180a000
<readmem: ffffffff8180acd8, KVADDR, "cpu_active_mask", 8, (FOE),
7fff5ab8b618>
<read_diskdump: addr: ffffffff8180acd8 paddr: 180acd8 cnt: 8>
read_diskdump: paddr/pfn: 180acd8/180a -> physical page is cached: 180a000
But they all return NULL pointers. They should return pointers to bitmasks,
which then get read, and their contents displayed. For example, I've got
a 3.13 kernel dumpfile, where each mask pointer is read, the bitmask it points
gets read, and then the contents are dumped:
<readmem: ffffffff8180a870, KVADDR, "cpu_possible_mask", 8, (FOE),
7fff5f116f48>
<read_diskdump: addr: ffffffff8180a870 paddr: 180a870 cnt: 8>
<readmem: ffffffff81d8c780, KVADDR, "possible", 1024, (ROE), f45b80>
<read_diskdump: addr: ffffffff81d8c780 paddr: 1d8c780 cnt: 1024>
cpu_possible_mask: 0 1 2 3
<readmem: ffffffff8180a860, KVADDR, "cpu_present_mask", 8, (FOE),
7fff5f116f48>
<read_diskdump: addr: ffffffff8180a860 paddr: 180a860 cnt: 8>
<readmem: ffffffff81d8bf80, KVADDR, "present", 1024, (ROE), f45b80>
<read_diskdump: addr: ffffffff81d8bf80 paddr: 1d8bf80 cnt: 128>
<read_diskdump: addr: ffffffff81d8c000 paddr: 1d8c000 cnt: 896>
cpu_present_mask: 0 1
<readmem: ffffffff8180a868, KVADDR, "cpu_online_mask", 8, (FOE),
7fff5f116f48>
<read_diskdump: addr: ffffffff8180a868 paddr: 180a868 cnt: 8>
<readmem: ffffffff81d8c380, KVADDR, "online", 1024, (ROE), f45b80>
<read_diskdump: addr: ffffffff81d8c380 paddr: 1d8c380 cnt: 1024>
cpu_online_mask: 0 1
<readmem: ffffffff8180a858, KVADDR, "cpu_active_mask", 8, (FOE),
7fff5f116f48>
<read_diskdump: addr: ffffffff8180a858 paddr: 180a858 cnt: 8>
<readmem: ffffffff81d8bb80, KVADDR, "active", 1024, (ROE), f45b80>
<read_diskdump: addr: ffffffff81d8bb80 paddr: 1d8bb80 cnt: 1024>
cpu_active_mask: 0 1
Right from the get-go, the __per_cpu_offset array looks like it's
returning all zeroes, in which case pretty much all is lost and the
dumpfile is useless.
That can be seen with the following readmem failure, which
should take the kt->__per_cpu_offset[0] value and add it to
the (per-cpu) symbol value of "cpu_number", which presumably
is b084 in that kernel, and where kt->__per_cpu_offset[0] is
apparently zero. Therefore this readmem() call:
if (!readmem(cpu_sp->value + kt->__per_cpu_offset[i],
KVADDR, &cpunumber, sizeof(int),
"cpu number (per_cpu)", QUIET|RETURN_ON_ERROR))
break;
generated this failure:
<readmem: b084, KVADDR, "cpu number (per_cpu)", 4, (ROE|Q),
7fff5ab9c800>
crash: invalid kernel virtual address: b084 type: "cpu number (per_cpu)"
The kt->__per_cpu_offset[] array would have been set up earlier in kernel_init():
if (symbol_exists("__per_cpu_offset")) {
if (LKCD_KERNTYPES())
i = get_cpus_possible();
else
i = get_array_length("__per_cpu_offset", NULL, 0);
get_symbol_data("__per_cpu_offset",
sizeof(long)*((i && (i <= NR_CPUS)) ? i : NR_CPUS),
&kt->__per_cpu_offset[0]);
kt->flags |= PER_CPU_OFF;
}
It looks like it read the array OK, where the Ubuntu kernel looks like
it has 256 cpus configured:
<readmem: ffffffff81d130e0, KVADDR, "__per_cpu_offset", 2048, (FOE),
cfa968>
<read_diskdump: addr: ffffffff81d130e0 paddr: 1d130e0 cnt: 2048>
read_diskdump: paddr/pfn: 1d130e0/1d13 -> cache physical page: 1d13000
But when utilizing the stashed kt->__per_cpu_offset[0] value later on (for cpu 0),
it got a zero offset.
So it looks like the vmlinux and dumpfile don't match, or perhaps the dumpfile
is suspect.
It would be interesting to confirm that the kernel being used (vmlinux-3.13.0-39-generic)
runs OK live on the crashing system.
Dave
9:49 a.m.
New subject: crash: invalid kernel virtual address: 0 type: "memory section"
Just for sanity's sake, try this:
$ ./crash --minimal ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../dump.201412280256
and see if you can read the linux_banner string successfully. For example, using
my sample 3.13 kernel:
$ crash --minimal 3.13.0-0.rc1.git2.1.fc20_SLAB/vmlinux.gz
3.13.0-0.rc1.git2.1.fc20_SLAB/vmcore_c_d31
crash 7.0.9
Copyright (C) 2002-2014 Red Hat, Inc.
Copyright (C) 2004, 2005, 2006, 2010 IBM Corporation
Copyright (C) 1999-2006 Hewlett-Packard Co
Copyright (C) 2005, 2006, 2011, 2012 Fujitsu Limited
Copyright (C) 2006, 2007 VA Linux Systems Japan K.K.
Copyright (C) 2005, 2011 NEC Corporation
Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc.
Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
This program is free software, covered by the GNU General Public License,
and you are welcome to change it and/or distribute copies of it under
certain conditions. Enter "help copying" to see the conditions.
This program has absolutely no warranty. Enter "help warranty" for details.
GNU gdb (GDB) 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu"...
NOTE: minimal mode commands: log, dis, rd, sym, eval, set, extend and exit
crash> rd -a linux_banner
ffffffff818000c0: Linux version 3.13.0-0.rc1.git2.1.fc20.x86_64 (root@hp-xw455
ffffffff818000fc: 0-02.ml3.eng.bos.redhat.com) (gcc version 4.8.1 20130814 (Re
ffffffff81800138: d Hat 4.8.1-6) (GCC) ) #1 SMP Tue Nov 26 14:42:45 EST 2013
crash>
And then try reading other stuff, most notably the __per_cpu_offset[] array,
like this:
crash> rd __per_cpu_offset 256
Dave
----- Original Message -----
----- Original Message -----
> Hello,
>
> I have a couple dumps generated on Ubuntu Trusty LTS (3.13.0-39-generic
> kernel) which crash fails on.
>
> $ ./crash ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
> ../dump.201412280256
>
> crash 7.0.9
> Copyright (C) 2002-2014 Red Hat, Inc.
> Copyright (C) 2004, 2005, 2006, 2010 IBM Corporation
> Copyright (C) 1999-2006 Hewlett-Packard Co
> Copyright (C) 2005, 2006, 2011, 2012 Fujitsu Limited
> Copyright (C) 2006, 2007 VA Linux Systems Japan K.K.
> Copyright (C) 2005, 2011 NEC Corporation
> Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc.
> Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
> This program is free software, covered by the GNU General Public License,
> and you are welcome to change it and/or distribute copies of it under
> certain conditions. Enter "help copying" to see the conditions.
> This program has absolutely no warranty. Enter "help warranty" for
> details.
>
> GNU gdb (GDB) 7.6
> Copyright (C) 2013 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show
copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-unknown-linux-gnu"...
>
> crash: cannot determine thread return address
> please wait... (gathering kmem slab cache data)
> crash: invalid kernel virtual address: 1c type: "kmem_cache
> objsize/object_size"
> crash: failed to read pageflag_names entry
> please wait... (gathering module symbol data)
> WARNING: invalid kernel module size: 0
>
> crash: cannot determine idle task addresses from init_tasks[] or
> runqueues[]
>
> crash: cannot resolve "init_task_union"
>
>
> vmlinux-3.13.0-39-generic was extracted from Ubuntu ddeb:
>
> $ file ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
> ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic: ELF 64-bit LSB
> executable, x86-64, version 1 (SYSV), statically linked,
> BuildID[sha1]=c4fa631d2cc34a0b2628a5de01a04e81a0667555, not stripped
>
> With -d8 I get:
>
> ...
> <read_diskdump: addr: ffffffffffffffff paddr: 7fffffff cnt: 1>
> read_diskdump: paddr/pfn: 7fffffff/7ffff -> cache physical page: 7ffff000
> crash: invalid kernel virtual address: 0 type: "memory section"
>
> The entire -d8 output is attached.
>
> Bogus "base kernel version" stands out immediately and I'm pretty
sure
> I've seen "0.0.0" in there a couple times with exactly the same dump.
> >From a quick look, the base kernel version code in kernel.c is not safe
> against kt->utsname.release being all zeroes.
>
> Eddy Gonzalo (CC'ed) can probably provide access to the dumps if
> needed.
>
> Thanks,
> Ilya
The obvious question is: are you sure that the vmlinux matches the dumpfile?
I say that because there are so many strange readings from this dumpfile,
As you noted, yes, this definitely is a mismatch, where the header shows
sysname: Linux
nodename: chqcephnas01
release: 3.13.0-39-generic
version: #66~precise1-Ubuntu SMP Wed Oct 29 09:56:49 UTC 2014
machine: x86_64
but this gets read from the dumpfile:
<readmem: ffffffff81c15284, KVADDR, "init_uts_ns", 390, (ROE), cfa7bc>
<read_diskdump: addr: ffffffff81c15284 paddr: 1c15284 cnt: 390>
read_diskdump: paddr/pfn: 1c15284/1c15 -> cache physical page: 1c15000
base kernel version: 0.13.0
And one of the first set of items accessed, are the contents of the cpu mask
variables:
<readmem: ffffffff8180acf0, KVADDR, "cpu_possible_mask", 8, (FOE),
7fff5ab8b618>
<read_diskdump: addr: ffffffff8180acf0 paddr: 180acf0 cnt: 8>
read_diskdump: paddr/pfn: 180acf0/180a -> cache physical page: 180a000
<readmem: ffffffff8180ace0, KVADDR, "cpu_present_mask", 8, (FOE),
7fff5ab8b618>
<read_diskdump: addr: ffffffff8180ace0 paddr: 180ace0 cnt: 8>
read_diskdump: paddr/pfn: 180ace0/180a -> physical page is cached: 180a000
<readmem: ffffffff8180ace8, KVADDR, "cpu_online_mask", 8, (FOE),
7fff5ab8b618>
<read_diskdump: addr: ffffffff8180ace8 paddr: 180ace8 cnt: 8>
read_diskdump: paddr/pfn: 180ace8/180a -> physical page is cached: 180a000
<readmem: ffffffff8180acd8, KVADDR, "cpu_active_mask", 8, (FOE),
7fff5ab8b618>
<read_diskdump: addr: ffffffff8180acd8 paddr: 180acd8 cnt: 8>
read_diskdump: paddr/pfn: 180acd8/180a -> physical page is cached: 180a000
But they all return NULL pointers. They should return pointers to bitmasks,
which then get read, and their contents displayed. For example, I've got
a 3.13 kernel dumpfile, where each mask pointer is read, the bitmask it
points
gets read, and then the contents are dumped:
<readmem: ffffffff8180a870, KVADDR, "cpu_possible_mask", 8, (FOE),
7fff5f116f48>
<read_diskdump: addr: ffffffff8180a870 paddr: 180a870 cnt: 8>
<readmem: ffffffff81d8c780, KVADDR, "possible", 1024, (ROE), f45b80>
<read_diskdump: addr: ffffffff81d8c780 paddr: 1d8c780 cnt: 1024>
cpu_possible_mask: 0 1 2 3
<readmem: ffffffff8180a860, KVADDR, "cpu_present_mask", 8, (FOE),
7fff5f116f48>
<read_diskdump: addr: ffffffff8180a860 paddr: 180a860 cnt: 8>
<readmem: ffffffff81d8bf80, KVADDR, "present", 1024, (ROE), f45b80>
<read_diskdump: addr: ffffffff81d8bf80 paddr: 1d8bf80 cnt: 128>
<read_diskdump: addr: ffffffff81d8c000 paddr: 1d8c000 cnt: 896>
cpu_present_mask: 0 1
<readmem: ffffffff8180a868, KVADDR, "cpu_online_mask", 8, (FOE),
7fff5f116f48>
<read_diskdump: addr: ffffffff8180a868 paddr: 180a868 cnt: 8>
<readmem: ffffffff81d8c380, KVADDR, "online", 1024, (ROE), f45b80>
<read_diskdump: addr: ffffffff81d8c380 paddr: 1d8c380 cnt: 1024>
cpu_online_mask: 0 1
<readmem: ffffffff8180a858, KVADDR, "cpu_active_mask", 8, (FOE),
7fff5f116f48>
<read_diskdump: addr: ffffffff8180a858 paddr: 180a858 cnt: 8>
<readmem: ffffffff81d8bb80, KVADDR, "active", 1024, (ROE), f45b80>
<read_diskdump: addr: ffffffff81d8bb80 paddr: 1d8bb80 cnt: 1024>
cpu_active_mask: 0 1
Right from the get-go, the __per_cpu_offset array looks like it's
returning all zeroes, in which case pretty much all is lost and the
dumpfile is useless.
That can be seen with the following readmem failure, which
should take the kt->__per_cpu_offset[0] value and add it to
the (per-cpu) symbol value of "cpu_number", which presumably
is b084 in that kernel, and where kt->__per_cpu_offset[0] is
apparently zero. Therefore this readmem() call:
if (!readmem(cpu_sp->value + kt->__per_cpu_offset[i],
KVADDR, &cpunumber, sizeof(int),
"cpu number (per_cpu)", QUIET|RETURN_ON_ERROR))
break;
generated this failure:
<readmem: b084, KVADDR, "cpu number (per_cpu)", 4, (ROE|Q),
7fff5ab9c800>
crash: invalid kernel virtual address: b084 type: "cpu number (per_cpu)"
The kt->__per_cpu_offset[] array would have been set up earlier in
kernel_init():
if (symbol_exists("__per_cpu_offset")) {
if (LKCD_KERNTYPES())
i = get_cpus_possible();
else
i = get_array_length("__per_cpu_offset", NULL, 0);
get_symbol_data("__per_cpu_offset",
sizeof(long)*((i && (i <= NR_CPUS)) ? i : NR_CPUS),
&kt->__per_cpu_offset[0]);
kt->flags |= PER_CPU_OFF;
}
It looks like it read the array OK, where the Ubuntu kernel looks like
it has 256 cpus configured:
<readmem: ffffffff81d130e0, KVADDR, "__per_cpu_offset", 2048, (FOE),
cfa968>
<read_diskdump: addr: ffffffff81d130e0 paddr: 1d130e0 cnt: 2048>
read_diskdump: paddr/pfn: 1d130e0/1d13 -> cache physical page: 1d13000
But when utilizing the stashed kt->__per_cpu_offset[0] value later on (for
cpu 0),
it got a zero offset.
So it looks like the vmlinux and dumpfile don't match, or perhaps the
dumpfile
is suspect.
It would be interesting to confirm that the kernel being used
(vmlinux-3.13.0-39-generic)
runs OK live on the crashing system.
Dave
--
Crash-utility mailing list
Crash-utility(a)redhat.com
https://www.redhat.com/mailman/listinfo/crash-utility
10:02 a.m.
On Mon, Jan 5, 2015 at 6:49 PM, Dave Anderson <anderson(a)redhat.com> wrote:
Just for sanity's sake, try this:
$ ./crash --minimal ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../dump.201412280256
and see if you can read the linux_banner string successfully. For example, using
my sample 3.13 kernel:
$ crash --minimal 3.13.0-0.rc1.git2.1.fc20_SLAB/vmlinux.gz
3.13.0-0.rc1.git2.1.fc20_SLAB/vmcore_c_d31
crash 7.0.9
Copyright (C) 2002-2014 Red Hat, Inc.
Copyright (C) 2004, 2005, 2006, 2010 IBM Corporation
Copyright (C) 1999-2006 Hewlett-Packard Co
Copyright (C) 2005, 2006, 2011, 2012 Fujitsu Limited
Copyright (C) 2006, 2007 VA Linux Systems Japan K.K.
Copyright (C) 2005, 2011 NEC Corporation
Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc.
Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
This program is free software, covered by the GNU General Public License,
and you are welcome to change it and/or distribute copies of it under
certain conditions. Enter "help copying" to see the conditions.
This program has absolutely no warranty. Enter "help warranty" for details.
GNU gdb (GDB) 7.6
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu"...
NOTE: minimal mode commands: log, dis, rd, sym, eval, set, extend and exit
crash> rd -a linux_banner
ffffffff818000c0: Linux version 3.13.0-0.rc1.git2.1.fc20.x86_64 (root@hp-xw455
ffffffff818000fc: 0-02.ml3.eng.bos.redhat.com) (gcc version 4.8.1 20130814 (Re
ffffffff81800138: d Hat 4.8.1-6) (GCC) ) #1 SMP Tue Nov 26 14:42:45 EST 2013
crash>
And then try reading other stuff, most notably the __per_cpu_offset[] array,
like this:
crash> rd __per_cpu_offset 256
Attached - __per_cpu_offset seems busted.
Thanks,
Ilya
10:21 a.m.
On Mon, Jan 5, 2015 at 7:02 PM, Ilya Dryomov <idryomov(a)redhat.com> wrote:
On Mon, Jan 5, 2015 at 6:49 PM, Dave Anderson
<anderson(a)redhat.com> wrote:
>
>
> Just for sanity's sake, try this:
>
> $ ./crash --minimal ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../dump.201412280256
>
> and see if you can read the linux_banner string successfully. For example, using
> my sample 3.13 kernel:
>
> $ crash --minimal 3.13.0-0.rc1.git2.1.fc20_SLAB/vmlinux.gz
3.13.0-0.rc1.git2.1.fc20_SLAB/vmcore_c_d31
>
> crash 7.0.9
> Copyright (C) 2002-2014 Red Hat, Inc.
> Copyright (C) 2004, 2005, 2006, 2010 IBM Corporation
> Copyright (C) 1999-2006 Hewlett-Packard Co
> Copyright (C) 2005, 2006, 2011, 2012 Fujitsu Limited
> Copyright (C) 2006, 2007 VA Linux Systems Japan K.K.
> Copyright (C) 2005, 2011 NEC Corporation
> Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc.
> Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
> This program is free software, covered by the GNU General Public License,
> and you are welcome to change it and/or distribute copies of it under
> certain conditions. Enter "help copying" to see the conditions.
> This program has absolutely no warranty. Enter "help warranty" for
details.
>
> GNU gdb (GDB) 7.6
> Copyright (C) 2013 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show
copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-unknown-linux-gnu"...
>
> NOTE: minimal mode commands: log, dis, rd, sym, eval, set, extend and exit
>
> crash> rd -a linux_banner
> ffffffff818000c0: Linux version 3.13.0-0.rc1.git2.1.fc20.x86_64 (root@hp-xw455
> ffffffff818000fc: 0-02.ml3.eng.bos.redhat.com) (gcc version 4.8.1 20130814 (Re
> ffffffff81800138: d Hat 4.8.1-6) (GCC) ) #1 SMP Tue Nov 26 14:42:45 EST 2013
> crash>
>
> And then try reading other stuff, most notably the __per_cpu_offset[] array,
> like this:
>
> crash> rd __per_cpu_offset 256
Attached - __per_cpu_offset seems busted.
OK, so the banner read with crash is
ffffffff818000a0: Linux version 3.13.0-39-generic (buildd@brownie) (gcc versio
ffffffff818000dc: n 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #66~precise1-Ubuntu
ffffffff81800118: SMP Wed Oct 29 09:56:49 UTC 2014 (Ubuntu 3.13.0-39.66~preci
ffffffff81800154: se1-generic 3.13.11.8)
whereas the banner from vmlinux-3.13.0-39-generic is
0a000a0: 4c69 6e75 7820 7665 7273 696f 6e20 332e Linux version 3.
0a000b0: 3133 2e30 2d33 392d 6765 6e65 7269 6320 13.0-39-generic
0a000c0: 2862 7569 6c64 6440 746f 796f 6c29 2028 (buildd@toyol) (
0a000d0: 6763 6320 7665 7273 696f 6e20 342e 382e gcc version 4.8.
0a000e0: 3220 2855 6275 6e74 7520 342e 382e 322d 2 (Ubuntu 4.8.2-
0a000f0: 3139 7562 756e 7475 3129 2029 2023 3636 19ubuntu1) ) #66
0a00100: 2d55 6275 6e74 7520 534d 5020 5475 6520 -Ubuntu SMP Tue
0a00110: 4f63 7420 3238 2031 333a 3330 3a32 3720 Oct 28 13:30:27
0a00120: 5554 4320 3230 3134 2028 5562 756e 7475 UTC 2014 (Ubuntu
0a00130: 2033 2e31 332e 302d 3339 2e36 362d 6765 3.13.0-39.66-ge
0a00140: 6e65 7269 6320 332e 3133 2e31 312e 3829 neric 3.13.11.8)
I guess I need to try to hunt down that exact vmlinux. Sigh.
Thanks,
Ilya
10:28 a.m.
Our last two messages crossed -- you have found the problem...
Dave
----- Original Message -----
On Mon, Jan 5, 2015 at 7:02 PM, Ilya Dryomov
<idryomov(a)redhat.com> wrote:
> On Mon, Jan 5, 2015 at 6:49 PM, Dave Anderson <anderson(a)redhat.com> wrote:
>>
>>
>> Just for sanity's sake, try this:
>>
>> $ ./crash --minimal ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
>> ../dump.201412280256
>>
>> and see if you can read the linux_banner string successfully. For
>> example, using
>> my sample 3.13 kernel:
>>
>> $ crash --minimal 3.13.0-0.rc1.git2.1.fc20_SLAB/vmlinux.gz
>> 3.13.0-0.rc1.git2.1.fc20_SLAB/vmcore_c_d31
>>
>> crash 7.0.9
>> Copyright (C) 2002-2014 Red Hat, Inc.
>> Copyright (C) 2004, 2005, 2006, 2010 IBM Corporation
>> Copyright (C) 1999-2006 Hewlett-Packard Co
>> Copyright (C) 2005, 2006, 2011, 2012 Fujitsu Limited
>> Copyright (C) 2006, 2007 VA Linux Systems Japan K.K.
>> Copyright (C) 2005, 2011 NEC Corporation
>> Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc.
>> Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
>> This program is free software, covered by the GNU General Public
>> License,
>> and you are welcome to change it and/or distribute copies of it under
>> certain conditions. Enter "help copying" to see the conditions.
>> This program has absolutely no warranty. Enter "help warranty" for
>> details.
>>
>> GNU gdb (GDB) 7.6
>> Copyright (C) 2013 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later
>> <http://gnu.org/licenses/gpl.html>
>> This is free software: you are free to change and redistribute it.
>> There is NO WARRANTY, to the extent permitted by law. Type "show
>> copying"
>> and "show warranty" for details.
>> This GDB was configured as "x86_64-unknown-linux-gnu"...
>>
>> NOTE: minimal mode commands: log, dis, rd, sym, eval, set, extend and
>> exit
>>
>> crash> rd -a linux_banner
>> ffffffff818000c0: Linux version 3.13.0-0.rc1.git2.1.fc20.x86_64
>> (root@hp-xw455
>> ffffffff818000fc: 0-02.ml3.eng.bos.redhat.com) (gcc version 4.8.1
>> 20130814 (Re
>> ffffffff81800138: d Hat 4.8.1-6) (GCC) ) #1 SMP Tue Nov 26 14:42:45 EST
>> 2013
>> crash>
>>
>> And then try reading other stuff, most notably the __per_cpu_offset[]
>> array,
>> like this:
>>
>> crash> rd __per_cpu_offset 256
>
> Attached - __per_cpu_offset seems busted.
OK, so the banner read with crash is
ffffffff818000a0: Linux version 3.13.0-39-generic (buildd@brownie) (gcc
versio
ffffffff818000dc: n 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) )
#66~precise1-Ubuntu
ffffffff81800118: SMP Wed Oct 29 09:56:49 UTC 2014 (Ubuntu
3.13.0-39.66~preci
ffffffff81800154: se1-generic 3.13.11.8)
whereas the banner from vmlinux-3.13.0-39-generic is
0a000a0: 4c69 6e75 7820 7665 7273 696f 6e20 332e Linux version 3.
0a000b0: 3133 2e30 2d33 392d 6765 6e65 7269 6320 13.0-39-generic
0a000c0: 2862 7569 6c64 6440 746f 796f 6c29 2028 (buildd@toyol) (
0a000d0: 6763 6320 7665 7273 696f 6e20 342e 382e gcc version 4.8.
0a000e0: 3220 2855 6275 6e74 7520 342e 382e 322d 2 (Ubuntu 4.8.2-
0a000f0: 3139 7562 756e 7475 3129 2029 2023 3636 19ubuntu1) ) #66
0a00100: 2d55 6275 6e74 7520 534d 5020 5475 6520 -Ubuntu SMP Tue
0a00110: 4f63 7420 3238 2031 333a 3330 3a32 3720 Oct 28 13:30:27
0a00120: 5554 4320 3230 3134 2028 5562 756e 7475 UTC 2014 (Ubuntu
0a00130: 2033 2e31 332e 302d 3339 2e36 362d 6765 3.13.0-39.66-ge
0a00140: 6e65 7269 6320 332e 3133 2e31 312e 3829 neric 3.13.11.8)
I guess I need to try to hunt down that exact vmlinux. Sigh.
Thanks,
Ilya
--
Crash-utility mailing list
Crash-utility(a)redhat.com
https://www.redhat.com/mailman/listinfo/crash-utility
10:26 a.m.
----- Original Message -----
On Mon, Jan 5, 2015 at 6:49 PM, Dave Anderson
<anderson(a)redhat.com> wrote:
>
>
> Just for sanity's sake, try this:
>
> $ ./crash --minimal ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic
../dump.201412280256
>
> and see if you can read the linux_banner string successfully. For example, using
> my sample 3.13 kernel:
>
> $ crash --minimal 3.13.0-0.rc1.git2.1.fc20_SLAB/vmlinux.gz
3.13.0-0.rc1.git2.1.fc20_SLAB/vmcore_c_d31
>
> crash 7.0.9
> Copyright (C) 2002-2014 Red Hat, Inc.
> Copyright (C) 2004, 2005, 2006, 2010 IBM Corporation
> Copyright (C) 1999-2006 Hewlett-Packard Co
> Copyright (C) 2005, 2006, 2011, 2012 Fujitsu Limited
> Copyright (C) 2006, 2007 VA Linux Systems Japan K.K.
> Copyright (C) 2005, 2011 NEC Corporation
> Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc.
> Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc.
> This program is free software, covered by the GNU General Public License,
> and you are welcome to change it and/or distribute copies of it under
> certain conditions. Enter "help copying" to see the conditions.
> This program has absolutely no warranty. Enter "help warranty" for
> details.
>
> GNU gdb (GDB) 7.6
> Copyright (C) 2013 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show
copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-unknown-linux-gnu"...
>
> NOTE: minimal mode commands: log, dis, rd, sym, eval, set, extend and exit
>
> crash> rd -a linux_banner
> ffffffff818000c0: Linux version 3.13.0-0.rc1.git2.1.fc20.x86_64 (root@hp-xw455
> ffffffff818000fc: 0-02.ml3.eng.bos.redhat.com) (gcc version 4.8.1 20130814 (Re
> ffffffff81800138: d Hat 4.8.1-6) (GCC) ) #1 SMP Tue Nov 26 14:42:45 EST 2013
> crash>
BTW, if you do this:
$ strings ../ddeb/usr/lib/debug/boot/vmlinux-3.13.0-39-generic | grep "Linux
version"
Do you see the same "Oct 29 09:56:49" build date as shown in the linux_banner
string?
If that all matches up, then it seemingly points to a faulty dumpfile.
>
> And then try reading other stuff, most notably the __per_cpu_offset[] array,
> like this:
>
> crash> rd __per_cpu_offset 256
Attached - __per_cpu_offset seems busted.
Thanks,
Ilya
Right:
crash> rd __per_cpu_offset 256
ffffffff81d130e0: 0000000000000000 0000000000000000 ................
ffffffff81d130f0: 0000000000000000 0000000000000000 ................
ffffffff81d13100: 0000000000000000 0000000000000000 ................
ffffffff81d13110: 0000000000000000 0000000000000000 ................
ffffffff81d13120: 0000000000000000 0000000000000000 ................
ffffffff81d13130: 0000000000000000 0000000000000000 ................
ffffffff81d13140: 0000000000000000 0000000000000000 ................
ffffffff81d13150: 0000000000000000 0000000000000000 ................
... [ cut ] ...
ffffffff81d137e0: 0000003000000001 0000000100000000 ....0...........
ffffffff81d137f0: 0000000100000000 ffff880417106100 .........a......
ffffffff81d13800: ffffffff81766240 0000000000000000 @bv.............
ffffffff81d13810: 0000000000000010 0000000000000000 ................
ffffffff81d13820: 0000000000000000 0000000000000000 ................
ffffffff81d13830: 0000000000000000 0000000000000000 ................
ffffffff81d13840: 0000000000000000 0000000000000000 ................
ffffffff81d13850: 0000000000000000 0000000000000000 ................
ffffffff81d13860: 000000000000000a 0000000000000078 ........x.......
ffffffff81d13870: 0000000000400000 0000000a00000000 ..@.............
ffffffff81d13880: 00000000ee6b2800 0000000100000001 .(k.............
ffffffff81d13890: 0000000000000000 0000000000000000 ................
ffffffff81d138a0: 0000000000000000 0000000000000000 ................
ffffffff81d138b0: 0000000000000000 0000000000000000 ................
ffffffff81d138c0: 0000000000000000 0000000000000000 ................
ffffffff81d138d0: 0000000000000000 0000000000000000 ................
And given the above, the dumpfile is fairly useless except for whatever
you can get out of it with --minimal.
Dave
3542
days inactive
3542
days old
devel@lists.crash-utility.osci.io
7 comments
3 participants
participants (3)
-
Castillon de la Cruz, Eddy Gonzalo -
Dave Anderson -
Ilya Dryomov