Fix Segmentation fault and update to the latest upstream
Remove the use_system_readline_v3.patch and the dependency of readline-devel. Update to the latest upstream: commit <9c0c6c1b3750> Release crash-7.2.9-5 Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
This commit is contained in:
parent
5a0c1d8fb7
commit
bce16fc0be
65
0014-log-change-log-level-print-in-older-kernels.patch
Normal file
65
0014-log-change-log-level-print-in-older-kernels.patch
Normal file
@ -0,0 +1,65 @@
|
||||
From a52f630e40ff8f7abc266bd4f1fe09f9087faeaa Mon Sep 17 00:00:00 2001
|
||||
From: John Pittman <jpittman@redhat.com>
|
||||
Date: Thu, 18 Feb 2021 10:55:50 -0500
|
||||
Subject: [PATCH 1/6] log: change log level print in older kernels
|
||||
|
||||
In older kernels that have the variable-length-record log_buf, the
|
||||
log level and the log flags/facility are not separated. Since the
|
||||
log level is only the last three bits, and the flags/facility and
|
||||
level are separated in 5.10 and later kernels, only print those last
|
||||
three bits when using 'log -m'.
|
||||
|
||||
[ kh: modified commit message ]
|
||||
|
||||
Suggested-by: David Jeffery <djeffery@redhat.com>
|
||||
Signed-off-by: John Pittman <jpittman@redhat.com>
|
||||
---
|
||||
defs.h | 1 +
|
||||
help.c | 5 +++--
|
||||
kernel.c | 2 ++
|
||||
3 files changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/defs.h b/defs.h
|
||||
index 35cdac20420c..35b983abd403 100644
|
||||
--- a/defs.h
|
||||
+++ b/defs.h
|
||||
@@ -5627,6 +5627,7 @@ void clone_bt_info(struct bt_info *, struct bt_info *, struct task_context *);
|
||||
void dump_kernel_table(int);
|
||||
void dump_bt_info(struct bt_info *, char *where);
|
||||
void dump_log(int);
|
||||
+#define LOG_LEVEL(v) ((v) & 0x07)
|
||||
#define SHOW_LOG_LEVEL (0x1)
|
||||
#define SHOW_LOG_DICT (0x2)
|
||||
#define SHOW_LOG_TEXT (0x4)
|
||||
diff --git a/help.c b/help.c
|
||||
index 587c7173f495..85b334a0419e 100644
|
||||
--- a/help.c
|
||||
+++ b/help.c
|
||||
@@ -3906,8 +3906,9 @@ char *help_log[] = {
|
||||
" applicable to the variable-length record format.",
|
||||
" -m Display the message log level in brackets preceding each message. For",
|
||||
" the variable-length record format, the level will be displayed in ",
|
||||
-" hexadecimal, and depending upon the kernel version, also contains the",
|
||||
-" facility or flags bits.",
|
||||
+" hexadecimal. In older kernels, by default, the facility/flag bits",
|
||||
+" will be stripped to only show the level, but if needed, can still be",
|
||||
+" shown with 'set debug 1'.",
|
||||
" -a Dump the audit logs remaining in kernel audit buffers that have not",
|
||||
" been copied out to the user-space audit daemon.",
|
||||
" ",
|
||||
diff --git a/kernel.c b/kernel.c
|
||||
index ac765e302639..735263cbcd75 100644
|
||||
--- a/kernel.c
|
||||
+++ b/kernel.c
|
||||
@@ -5262,6 +5262,8 @@ dump_log_entry(char *logptr, int msg_flags)
|
||||
fprintf(fp, "%s", buf);
|
||||
}
|
||||
|
||||
+ level = LOG_LEVEL(level);
|
||||
+
|
||||
if (msg_flags & SHOW_LOG_LEVEL) {
|
||||
sprintf(buf, "<%x>", level);
|
||||
ilen += strlen(buf);
|
||||
--
|
||||
2.29.2
|
||||
|
37
0015-Makefile-reduce-crash-build-log.patch
Normal file
37
0015-Makefile-reduce-crash-build-log.patch
Normal file
@ -0,0 +1,37 @@
|
||||
From 464edc6e6636c01521b46ec64134b90c7e7ced11 Mon Sep 17 00:00:00 2001
|
||||
From: Kazuhito Hagio <k-hagio-ab@nec.com>
|
||||
Date: Fri, 19 Feb 2021 14:43:55 +0900
|
||||
Subject: [PATCH 2/6] Makefile: reduce crash build log
|
||||
|
||||
Currently the verbose output of tar command when extracting the
|
||||
GDB source files occupies more than the half of crash build log.
|
||||
It is not so helpful and makes the build log longer needlessly
|
||||
especially on CI build test. Let's stop it.
|
||||
|
||||
Also reduce about 600 lines of crash build log with wget's
|
||||
"--progress=dot:mega" option when stderr is not a tty.
|
||||
|
||||
Signed-off-by: Kazuhito Hagio <k-hagio-ab@nec.com>
|
||||
---
|
||||
Makefile | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index f66eba7418d1..b3c0d3a7f75b 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -258,8 +258,9 @@ gdb_unzip:
|
||||
@if [ ! -f ${GDB}.tar.gz ] && [ ! -f /usr/bin/wget ]; then \
|
||||
echo /usr/bin/wget is required to download ${GDB}.tar.gz; echo; exit 1; fi
|
||||
@if [ ! -f ${GDB}.tar.gz ] && [ -f /usr/bin/wget ]; then \
|
||||
- wget http://ftp.gnu.org/gnu/gdb/${GDB}.tar.gz; fi
|
||||
- @tar --exclude-from gdb.files -xvzmf ${GDB}.tar.gz
|
||||
+ [ ! -t 2 ] && WGET_OPTS="--progress=dot:mega"; \
|
||||
+ wget $$WGET_OPTS http://ftp.gnu.org/gnu/gdb/${GDB}.tar.gz; fi
|
||||
+ @tar --exclude-from gdb.files -xzmf ${GDB}.tar.gz
|
||||
@make --no-print-directory gdb_patch
|
||||
|
||||
gdb_patch:
|
||||
--
|
||||
2.29.2
|
||||
|
@ -0,0 +1,32 @@
|
||||
From 720279fc141100893ba6da6ab18e52776ecf7424 Mon Sep 17 00:00:00 2001
|
||||
From: Kazuhito Hagio <k-hagio-ab@nec.com>
|
||||
Date: Tue, 2 Mar 2021 13:38:18 +0900
|
||||
Subject: [PATCH 3/6] x86_64: fix "bt" command on 5.12-rc1 and later kernels
|
||||
|
||||
Fix "bt" command on Linux 5.12-rc1 and later kernels that contain
|
||||
commit 951c2a51ae75 ("x86/irq/64: Adjust the per CPU irq stack pointer
|
||||
by 8"). Without the patch, the "bt" command and some of its options
|
||||
that read irq stack fail with the error message "bt: read of stack at
|
||||
<address> failed".
|
||||
|
||||
Signed-off-by: Kazuhito Hagio <k-hagio-ab@nec.com>
|
||||
---
|
||||
x86_64.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/x86_64.c b/x86_64.c
|
||||
index 23a40a04bbc4..f5b2f7b5f040 100644
|
||||
--- a/x86_64.c
|
||||
+++ b/x86_64.c
|
||||
@@ -1326,6 +1326,8 @@ x86_64_per_cpu_init(void)
|
||||
KVADDR, &hardirq_stack_ptr, sizeof(void *),
|
||||
"hardirq_stack_ptr (per_cpu)", QUIET|RETURN_ON_ERROR))
|
||||
continue;
|
||||
+ if (hardirq_stack_ptr != PAGEBASE(hardirq_stack_ptr))
|
||||
+ hardirq_stack_ptr += 8;
|
||||
ms->stkinfo.ibase[i] = hardirq_stack_ptr - ms->stkinfo.isize;
|
||||
} else if (irq_sp)
|
||||
ms->stkinfo.ibase[i] = irq_sp->value + kt->__per_cpu_offset[i];
|
||||
--
|
||||
2.29.2
|
||||
|
325
0017-Add-valgrind-support-for-the-crash-s-custom-memory-a.patch
Normal file
325
0017-Add-valgrind-support-for-the-crash-s-custom-memory-a.patch
Normal file
@ -0,0 +1,325 @@
|
||||
From 7ca9a8e21dc1ecb33195b6c9fdd207f203308636 Mon Sep 17 00:00:00 2001
|
||||
From: HATAYAMA Daisuke <d.hatayama@fujitsu.com>
|
||||
Date: Thu, 4 Mar 2021 20:20:28 +0900
|
||||
Subject: [PATCH 4/6] Add valgrind support for the crash's custom memory
|
||||
allocator
|
||||
|
||||
This adds valgrind support for the crash's custom memory allocator
|
||||
using the way described in the following valgrind's Memcheck manual:
|
||||
|
||||
https://www.valgrind.org/docs/manual/mc-manual.html#mc-manual.mempools
|
||||
|
||||
This helps detecting various memory errors on the crash's custom
|
||||
memory allocator.
|
||||
|
||||
To enable this feature, build crash command as:
|
||||
|
||||
# make valgrind
|
||||
|
||||
Then, run crash commnad using valgrind as:
|
||||
|
||||
# valgrind ./crash vmlinux vmcore
|
||||
|
||||
Signed-off-by: HATAYAMA Daisuke <d.hatayama@fujitsu.com>
|
||||
---
|
||||
Makefile | 4 +++
|
||||
README | 4 +++
|
||||
configure.c | 27 ++++++++++++++++++---
|
||||
help.c | 4 +++
|
||||
tools.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
|
||||
5 files changed, 104 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index b3c0d3a7f75b..31a3d3de0c07 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -333,6 +333,10 @@ snappy: make_configure
|
||||
@./configure -x snappy ${CONF_TARGET_FLAG} -w -b
|
||||
@make --no-print-directory gdb_merge
|
||||
|
||||
+valgrind: make_configure
|
||||
+ @./configure -x valgrind ${CONF_TARGET_FLAG} -w -b
|
||||
+ @make --no-print-directory gdb_merge
|
||||
+
|
||||
main.o: ${GENERIC_HFILES} main.c
|
||||
${CC} -c ${CRASH_CFLAGS} main.c ${WARNING_OPTIONS} ${WARNING_ERROR}
|
||||
|
||||
diff --git a/README b/README
|
||||
index e2af9249caa2..d4a830985056 100644
|
||||
--- a/README
|
||||
+++ b/README
|
||||
@@ -105,6 +105,10 @@
|
||||
use either the LZO or snappy compression libraries. To build crash with
|
||||
either or both of those libraries, type "make lzo" or "make snappy".
|
||||
|
||||
+ crash supports valgrind Memcheck tool on the crash's custom memory allocator.
|
||||
+ To build crash with this feature enabled, type "make valgrind" and then run
|
||||
+ crash with valgrind as "valgrind crash vmlinux vmcore".
|
||||
+
|
||||
All of the alternate build commands above are "sticky" in that the
|
||||
special "make" targets only have to be entered one time; all subsequent
|
||||
builds will follow suit.
|
||||
diff --git a/configure.c b/configure.c
|
||||
index 7f6d19e0b87e..9480829ad2da 100644
|
||||
--- a/configure.c
|
||||
+++ b/configure.c
|
||||
@@ -1704,18 +1704,22 @@ get_extra_flags(char *filename, char *initial)
|
||||
* a CFLAGS.extra file and an LDFLAGS.extra file.
|
||||
|
||||
* For lzo:
|
||||
+ * - enter -DLZO in the CFLAGS.extra file
|
||||
+ * - enter -llzo2 in the LDFLAGS.extra file
|
||||
+ *
|
||||
+ * For snappy:
|
||||
* - enter -DSNAPPY in the CFLAGS.extra file
|
||||
* - enter -lsnappy in the LDFLAGS.extra file
|
||||
*
|
||||
- * For snappy:
|
||||
- * - enter -DLZO in the CFLAGS.extra file
|
||||
- * - enter -llzo2 in the LDFLAGS.extra file.
|
||||
+ * For valgrind:
|
||||
+ * - enter -DVALGRIND in the CFLAGS.extra file
|
||||
*/
|
||||
void
|
||||
add_extra_lib(char *option)
|
||||
{
|
||||
int lzo, add_DLZO, add_llzo2;
|
||||
int snappy, add_DSNAPPY, add_lsnappy;
|
||||
+ int valgrind, add_DVALGRIND;
|
||||
char *cflags, *ldflags;
|
||||
FILE *fp_cflags, *fp_ldflags;
|
||||
char *mode;
|
||||
@@ -1723,6 +1727,7 @@ add_extra_lib(char *option)
|
||||
|
||||
lzo = add_DLZO = add_llzo2 = 0;
|
||||
snappy = add_DSNAPPY = add_lsnappy = 0;
|
||||
+ valgrind = add_DVALGRIND = 0;
|
||||
|
||||
ldflags = get_extra_flags("LDFLAGS.extra", NULL);
|
||||
cflags = get_extra_flags("CFLAGS.extra", NULL);
|
||||
@@ -1743,12 +1748,24 @@ add_extra_lib(char *option)
|
||||
add_lsnappy++;
|
||||
}
|
||||
|
||||
+ if (strcmp(option, "valgrind") == 0) {
|
||||
+ valgrind++;
|
||||
+ if (!cflags || !strstr(cflags, "-DVALGRIND"))
|
||||
+ add_DVALGRIND++;
|
||||
+ }
|
||||
+
|
||||
if ((lzo || snappy) &&
|
||||
file_exists("diskdump.o") && (unlink("diskdump.o") < 0)) {
|
||||
perror("diskdump.o");
|
||||
return;
|
||||
}
|
||||
|
||||
+ if (valgrind &&
|
||||
+ file_exists("tools.o") && (unlink("tools.o") < 0)) {
|
||||
+ perror("tools.o");
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
mode = file_exists("CFLAGS.extra") ? "r+" : "w+";
|
||||
if ((fp_cflags = fopen("CFLAGS.extra", mode)) == NULL) {
|
||||
perror("CFLAGS.extra");
|
||||
@@ -1762,13 +1779,15 @@ add_extra_lib(char *option)
|
||||
return;
|
||||
}
|
||||
|
||||
- if (add_DLZO || add_DSNAPPY) {
|
||||
+ if (add_DLZO || add_DSNAPPY || add_DVALGRIND) {
|
||||
while (fgets(inbuf, 512, fp_cflags))
|
||||
;
|
||||
if (add_DLZO)
|
||||
fputs("-DLZO\n", fp_cflags);
|
||||
if (add_DSNAPPY)
|
||||
fputs("-DSNAPPY\n", fp_cflags);
|
||||
+ if (add_DVALGRIND)
|
||||
+ fputs("-DVALGRIND\n", fp_cflags);
|
||||
}
|
||||
|
||||
if (add_llzo2 || add_lsnappy) {
|
||||
diff --git a/help.c b/help.c
|
||||
index 85b334a0419e..531f50a7cd82 100644
|
||||
--- a/help.c
|
||||
+++ b/help.c
|
||||
@@ -9387,6 +9387,10 @@ README_ENTER_DIRECTORY,
|
||||
" use either the LZO or snappy compression libraries. To build crash with",
|
||||
" either or both of those libraries, type \"make lzo\" or \"make snappy\".",
|
||||
"",
|
||||
+" crash supports valgrind Memcheck tool on the crash's custom memory allocator.",
|
||||
+" To build crash with this feature enabled, type \"make valgrind\" and then run",
|
||||
+" crash with valgrind as \"valgrind crash vmlinux vmcore\".",
|
||||
+"",
|
||||
" All of the alternate build commands above are \"sticky\" in that the",
|
||||
" special \"make\" targets only have to be entered one time; all subsequent",
|
||||
" builds will follow suit.",
|
||||
diff --git a/tools.c b/tools.c
|
||||
index 71bac6d0ee9a..e6978ae44ead 100644
|
||||
--- a/tools.c
|
||||
+++ b/tools.c
|
||||
@@ -18,6 +18,11 @@
|
||||
#include "defs.h"
|
||||
#include <ctype.h>
|
||||
|
||||
+#ifdef VALGRIND
|
||||
+#include <valgrind/valgrind.h>
|
||||
+#include <valgrind/memcheck.h>
|
||||
+#endif
|
||||
+
|
||||
static void print_number(struct number_option *, int, int);
|
||||
static long alloc_hq_entry(void);
|
||||
struct hq_entry;
|
||||
@@ -5679,8 +5684,21 @@ buf_init(void)
|
||||
|
||||
bp->smallest = 0x7fffffff;
|
||||
bp->total = 0.0;
|
||||
-}
|
||||
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_1K, sizeof(bp->buf_1K));
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_2K, sizeof(bp->buf_2K));
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_4K, sizeof(bp->buf_4K));
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_8K, sizeof(bp->buf_8K));
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_32K, sizeof(bp->buf_32K));
|
||||
+
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_1K, 0, 1);
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_2K, 0, 1);
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_4K, 0, 1);
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_8K, 0, 1);
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_32K, 0, 1);
|
||||
+#endif
|
||||
+}
|
||||
|
||||
/*
|
||||
* Free up all buffers used by the last command.
|
||||
@@ -5707,6 +5725,26 @@ void free_all_bufs(void)
|
||||
if (bp->mallocs != bp->frees)
|
||||
error(WARNING, "malloc/free mismatch (%ld/%ld)\n",
|
||||
bp->mallocs, bp->frees);
|
||||
+
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_DESTROY_MEMPOOL(&bp->buf_1K);
|
||||
+ VALGRIND_DESTROY_MEMPOOL(&bp->buf_2K);
|
||||
+ VALGRIND_DESTROY_MEMPOOL(&bp->buf_4K);
|
||||
+ VALGRIND_DESTROY_MEMPOOL(&bp->buf_8K);
|
||||
+ VALGRIND_DESTROY_MEMPOOL(&bp->buf_32K);
|
||||
+
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_1K, sizeof(bp->buf_1K));
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_2K, sizeof(bp->buf_2K));
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_4K, sizeof(bp->buf_4K));
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_8K, sizeof(bp->buf_8K));
|
||||
+ VALGRIND_MAKE_MEM_NOACCESS(&bp->buf_32K, sizeof(bp->buf_32K));
|
||||
+
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_1K, 0, 1);
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_2K, 0, 1);
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_4K, 0, 1);
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_8K, 0, 1);
|
||||
+ VALGRIND_CREATE_MEMPOOL(&bp->buf_32K, 0, 1);
|
||||
+#endif
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -5731,6 +5769,9 @@ freebuf(char *addr)
|
||||
for (i = 0; i < NUMBER_1K_BUFS; i++) {
|
||||
if (addr == (char *)&bp->buf_1K[i]) {
|
||||
bp->buf_inuse[B1K] &= ~(1 << i);
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_FREE(&bp->buf_1K, addr);
|
||||
+#endif
|
||||
return;
|
||||
}
|
||||
}
|
||||
@@ -5738,6 +5779,9 @@ freebuf(char *addr)
|
||||
for (i = 0; i < NUMBER_2K_BUFS; i++) {
|
||||
if (addr == (char *)&bp->buf_2K[i]) {
|
||||
bp->buf_inuse[B2K] &= ~(1 << i);
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_FREE(&bp->buf_2K, addr);
|
||||
+#endif
|
||||
return;
|
||||
}
|
||||
}
|
||||
@@ -5745,6 +5789,9 @@ freebuf(char *addr)
|
||||
for (i = 0; i < NUMBER_4K_BUFS; i++) {
|
||||
if (addr == (char *)&bp->buf_4K[i]) {
|
||||
bp->buf_inuse[B4K] &= ~(1 << i);
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_FREE(&bp->buf_4K, addr);
|
||||
+#endif
|
||||
return;
|
||||
}
|
||||
}
|
||||
@@ -5752,6 +5799,9 @@ freebuf(char *addr)
|
||||
for (i = 0; i < NUMBER_8K_BUFS; i++) {
|
||||
if (addr == (char *)&bp->buf_8K[i]) {
|
||||
bp->buf_inuse[B8K] &= ~(1 << i);
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_FREE(&bp->buf_8K, addr);
|
||||
+#endif
|
||||
return;
|
||||
}
|
||||
}
|
||||
@@ -5759,6 +5809,9 @@ freebuf(char *addr)
|
||||
for (i = 0; i < NUMBER_32K_BUFS; i++) {
|
||||
if (addr == (char *)&bp->buf_32K[i]) {
|
||||
bp->buf_inuse[B32K] &= ~(1 << i);
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_FREE(&bp->buf_32K, addr);
|
||||
+#endif
|
||||
return;
|
||||
}
|
||||
}
|
||||
@@ -5924,6 +5977,9 @@ getbuf(long reqsize)
|
||||
bp->buf_inuse[B1K] |= (1 << bdx);
|
||||
bp->buf_1K_maxuse = MAX(bp->buf_1K_maxuse,
|
||||
count_bits_int(bp->buf_inuse[B1K]));
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_ALLOC(&bp->buf_1K, bufp, 1024);
|
||||
+#endif
|
||||
BZERO(bufp, 1024);
|
||||
return(bufp);
|
||||
}
|
||||
@@ -5938,6 +5994,9 @@ getbuf(long reqsize)
|
||||
bp->buf_inuse[B2K] |= (1 << bdx);
|
||||
bp->buf_2K_maxuse = MAX(bp->buf_2K_maxuse,
|
||||
count_bits_int(bp->buf_inuse[B2K]));
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_ALLOC(&bp->buf_2K, bufp, 2048);
|
||||
+#endif
|
||||
BZERO(bufp, 2048);
|
||||
return(bufp);
|
||||
}
|
||||
@@ -5952,6 +6011,9 @@ getbuf(long reqsize)
|
||||
bp->buf_inuse[B4K] |= (1 << bdx);
|
||||
bp->buf_4K_maxuse = MAX(bp->buf_4K_maxuse,
|
||||
count_bits_int(bp->buf_inuse[B4K]));
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_ALLOC(&bp->buf_4K, bufp, 4096);
|
||||
+#endif
|
||||
BZERO(bufp, 4096);
|
||||
return(bufp);
|
||||
}
|
||||
@@ -5966,6 +6028,9 @@ getbuf(long reqsize)
|
||||
bp->buf_inuse[B8K] |= (1 << bdx);
|
||||
bp->buf_8K_maxuse = MAX(bp->buf_8K_maxuse,
|
||||
count_bits_int(bp->buf_inuse[B8K]));
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_ALLOC(&bp->buf_8K, bufp, 8192);
|
||||
+#endif
|
||||
BZERO(bufp, 8192);
|
||||
return(bufp);
|
||||
}
|
||||
@@ -5980,6 +6045,9 @@ getbuf(long reqsize)
|
||||
bp->buf_inuse[B32K] |= (1 << bdx);
|
||||
bp->buf_32K_maxuse = MAX(bp->buf_32K_maxuse,
|
||||
count_bits_int(bp->buf_inuse[B32K]));
|
||||
+#ifdef VALGRIND
|
||||
+ VALGRIND_MEMPOOL_ALLOC(&bp->buf_32K, bufp, 32768);
|
||||
+#endif
|
||||
BZERO(bufp, 32768);
|
||||
return(bufp);
|
||||
}
|
||||
--
|
||||
2.29.2
|
||||
|
106
0018-symbols-Fix-potential-read-to-already-freed-object.patch
Normal file
106
0018-symbols-Fix-potential-read-to-already-freed-object.patch
Normal file
@ -0,0 +1,106 @@
|
||||
From 9d476851b2525522b71219578c14aee3c4580cae Mon Sep 17 00:00:00 2001
|
||||
From: HATAYAMA Daisuke <d.hatayama@fujitsu.com>
|
||||
Date: Thu, 4 Mar 2021 20:20:29 +0900
|
||||
Subject: [PATCH 5/6] symbols: Fix potential read to already freed object
|
||||
|
||||
valgrind detects the following potential invalid read to some already
|
||||
freed object:
|
||||
|
||||
Invalid read of size 4
|
||||
at 0x539641: datatype_info (symbols.c:5791)
|
||||
by 0x4EC8B1: dump_variable_length_record_log (kernel.c:5313)
|
||||
by 0x4EC8B1: dump_log (kernel.c:5042)
|
||||
by 0x4C5A25: get_panicmsg (task.c:6275)
|
||||
by 0x4F3E71: display_sys_stats (kernel.c:5645)
|
||||
by 0x464BC7: main_loop (main.c:797)
|
||||
by 0x6BF262: captured_command_loop (main.c:258)
|
||||
by 0x6BD869: catch_errors (exceptions.c:557)
|
||||
by 0x6C02E5: captured_main (main.c:1064)
|
||||
by 0x6BD869: catch_errors (exceptions.c:557)
|
||||
by 0x6C0596: gdb_main (main.c:1079)
|
||||
by 0x6C0596: gdb_main_entry (main.c:1099)
|
||||
by 0x46316F: main (main.c:708)
|
||||
Address 0xb498c8 is 72 bytes inside a block of size 1,024 free'd
|
||||
at 0x471261: freebuf (tools.c:5766)
|
||||
by 0x53946B: datatype_info (symbols.c:5747)
|
||||
by 0x4FEA2A: net_init (net.c:173)
|
||||
by 0x464A55: main_loop (main.c:777)
|
||||
by 0x6BF262: captured_command_loop (main.c:258)
|
||||
by 0x6BD869: catch_errors (exceptions.c:557)
|
||||
by 0x6C02E5: captured_main (main.c:1064)
|
||||
by 0x6BD869: catch_errors (exceptions.c:557)
|
||||
by 0x6C0596: gdb_main (main.c:1079)
|
||||
by 0x6C0596: gdb_main_entry (main.c:1099)
|
||||
by 0x46316F: main (main.c:708)
|
||||
Block was alloc'd at
|
||||
at 0x471C80: getbuf (tools.c:5965)
|
||||
by 0x5392B7: datatype_info (symbols.c:5624)
|
||||
by 0x4FEA2A: net_init (net.c:173)
|
||||
by 0x464A55: main_loop (main.c:777)
|
||||
by 0x6BF262: captured_command_loop (main.c:258)
|
||||
by 0x6BD869: catch_errors (exceptions.c:557)
|
||||
by 0x6C02E5: captured_main (main.c:1064)
|
||||
by 0x6BD869: catch_errors (exceptions.c:557)
|
||||
by 0x6C0596: gdb_main (main.c:1079)
|
||||
by 0x6C0596: gdb_main_entry (main.c:1099)
|
||||
by 0x46316F: main (main.c:708)
|
||||
|
||||
This was caused by the fact that in datatype_info(), the object
|
||||
associated with the variable req is freed too early although it's
|
||||
still be referred to after the freeing.
|
||||
|
||||
Fix this by changing the way allocating the object from by GETBUF() to
|
||||
by allocation on stack, which simplifies the code because explicit
|
||||
free() operations are unnecessary.
|
||||
|
||||
Signed-off-by: HATAYAMA Daisuke <d.hatayama@fujitsu.com>
|
||||
---
|
||||
symbols.c | 10 +++-------
|
||||
1 file changed, 3 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/symbols.c b/symbols.c
|
||||
index ed5f731fa1b3..215d523fb325 100644
|
||||
--- a/symbols.c
|
||||
+++ b/symbols.c
|
||||
@@ -5611,7 +5611,7 @@ datatype_init(void)
|
||||
long
|
||||
datatype_info(char *name, char *member, struct datatype_member *dm)
|
||||
{
|
||||
- struct gnu_request *req;
|
||||
+ struct gnu_request request, *req = &request;
|
||||
long offset, size, member_size;
|
||||
int member_typecode;
|
||||
ulong type_found;
|
||||
@@ -5625,7 +5625,7 @@ datatype_info(char *name, char *member, struct datatype_member *dm)
|
||||
|
||||
strcpy(buf, name);
|
||||
|
||||
- req = (struct gnu_request *)GETBUF(sizeof(struct gnu_request));
|
||||
+ BZERO(req, sizeof(*req));
|
||||
req->command = GNU_GET_DATATYPE;
|
||||
req->flags |= GNU_RETURN_ON_ERROR;
|
||||
req->name = buf;
|
||||
@@ -5633,10 +5633,8 @@ datatype_info(char *name, char *member, struct datatype_member *dm)
|
||||
req->fp = pc->nullfp;
|
||||
|
||||
gdb_interface(req);
|
||||
- if (req->flags & GNU_COMMAND_FAILED) {
|
||||
- FREEBUF(req);
|
||||
+ if (req->flags & GNU_COMMAND_FAILED)
|
||||
return (dm == MEMBER_TYPE_NAME_REQUEST) ? 0 : -1;
|
||||
- }
|
||||
|
||||
if (!req->typecode) {
|
||||
sprintf(buf, "struct %s", name);
|
||||
@@ -5748,8 +5746,6 @@ datatype_info(char *name, char *member, struct datatype_member *dm)
|
||||
break;
|
||||
}
|
||||
|
||||
- FREEBUF(req);
|
||||
-
|
||||
if (dm && (dm != MEMBER_SIZE_REQUEST) && (dm != MEMBER_TYPE_REQUEST) &&
|
||||
(dm != STRUCT_SIZE_REQUEST) && (dm != MEMBER_TYPE_NAME_REQUEST)) {
|
||||
dm->type = type_found;
|
||||
--
|
||||
2.29.2
|
||||
|
64
0019-tools-Fix-potential-write-to-object-of-0-size.patch
Normal file
64
0019-tools-Fix-potential-write-to-object-of-0-size.patch
Normal file
@ -0,0 +1,64 @@
|
||||
From 9c0c6c1b3750beafe4ac6a5441c2dbe26157d548 Mon Sep 17 00:00:00 2001
|
||||
From: HATAYAMA Daisuke <d.hatayama@fujitsu.com>
|
||||
Date: Thu, 4 Mar 2021 20:20:30 +0900
|
||||
Subject: [PATCH 6/6] tools: Fix potential write to object of 0 size
|
||||
|
||||
valgrind detects the following invalid write on the call of strcpy():
|
||||
|
||||
Invalid write of size 1
|
||||
at 0x483CCFE: strcpy (vg_replace_strmem.c:511)
|
||||
by 0x47202B: extract_hex (tools.c:1152)
|
||||
by 0x5104ED: search_for_switch_to (x86_64.c:6342)
|
||||
by 0x51D6EE: x86_64_thread_return_init (x86_64.c:6368)
|
||||
by 0x51D6EE: x86_64_init (x86_64.c:721)
|
||||
by 0x464A2D: main_loop (main.c:770)
|
||||
by 0x6BF1B2: captured_command_loop (main.c:258)
|
||||
by 0x6BD7B9: catch_errors (exceptions.c:557)
|
||||
by 0x6C0235: captured_main (main.c:1064)
|
||||
by 0x6BD7B9: catch_errors (exceptions.c:557)
|
||||
by 0x6C04E6: gdb_main (main.c:1079)
|
||||
by 0x6C04E6: gdb_main_entry (main.c:1099)
|
||||
by 0x46316F: main (main.c:708)
|
||||
Address 0x2b439eb8 is 0 bytes after a block of size 40 alloc'd
|
||||
at 0x483BAE9: calloc (vg_replace_malloc.c:760)
|
||||
by 0x471794: getbuf (tools.c:6036)
|
||||
by 0x47201D: extract_hex (tools.c:1151)
|
||||
by 0x5104ED: search_for_switch_to (x86_64.c:6342)
|
||||
by 0x51D6EE: x86_64_thread_return_init (x86_64.c:6368)
|
||||
by 0x51D6EE: x86_64_init (x86_64.c:721)
|
||||
by 0x464A2D: main_loop (main.c:770)
|
||||
by 0x6BF1B2: captured_command_loop (main.c:258)
|
||||
by 0x6BD7B9: catch_errors (exceptions.c:557)
|
||||
by 0x6C0235: captured_main (main.c:1064)
|
||||
by 0x6BD7B9: catch_errors (exceptions.c:557)
|
||||
by 0x6C04E6: gdb_main (main.c:1079)
|
||||
by 0x6C04E6: gdb_main_entry (main.c:1099)
|
||||
by 0x46316F: main (main.c:708)
|
||||
|
||||
This is due to strcpy() receives empty string in its 1st argument
|
||||
because the size of the buffer associated with buf variable then is of
|
||||
size 0 due to lack of consideration of the terminal '\0' byte.
|
||||
|
||||
Fix this by +1 to the buffer size for the terminal '\0' byte.
|
||||
|
||||
Signed-off-by: HATAYAMA Daisuke <d.hatayama@fujitsu.com>
|
||||
---
|
||||
tools.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tools.c b/tools.c
|
||||
index e6978ae44ead..a26b101f6481 100644
|
||||
--- a/tools.c
|
||||
+++ b/tools.c
|
||||
@@ -1150,7 +1150,7 @@ extract_hex(char *s, ulong *result, char stripchar, ulong first_instance)
|
||||
ulong value;
|
||||
char *buf;
|
||||
|
||||
- buf = GETBUF(strlen(s));
|
||||
+ buf = GETBUF(strlen(s) + 1);
|
||||
strcpy(buf, s);
|
||||
argc = parse_line(buf, arglist);
|
||||
|
||||
--
|
||||
2.29.2
|
||||
|
56
crash.spec
56
crash.spec
@ -4,36 +4,41 @@
|
||||
Summary: Kernel analysis utility for live systems, netdump, diskdump, kdump, LKCD or mcore dumpfiles
|
||||
Name: crash
|
||||
Version: 7.2.9
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
License: GPLv3
|
||||
Source0: https://github.com/crash-utility/crash/archive/crash-%{version}.tar.gz
|
||||
Source1: http://ftp.gnu.org/gnu/gdb/gdb-7.6.tar.gz
|
||||
URL: https://crash-utility.github.io
|
||||
ExclusiveOS: Linux
|
||||
ExclusiveArch: %{ix86} ia64 x86_64 ppc ppc64 s390 s390x %{arm} aarch64 ppc64le
|
||||
BuildRequires: ncurses-devel zlib-devel lzo-devel snappy-devel bison readline-devel
|
||||
BuildRequires: ncurses-devel zlib-devel lzo-devel snappy-devel bison
|
||||
BuildRequires: gcc gcc-c++
|
||||
BuildRequires: make
|
||||
Requires: binutils
|
||||
Provides: bundled(libiberty)
|
||||
Provides: bundled(gdb) = 7.6
|
||||
Patch0: lzo_snappy.patch
|
||||
Patch1: use_system_readline_v3.patch
|
||||
Patch2: printk-add-support-for-lockless-ringbuffer.patch
|
||||
Patch3: printk-use-committed-finalized-state-values.patch
|
||||
Patch4: 0001-x86_64-VC-exception-stack-support.patch
|
||||
Patch5: 0002-netdump-fix-regression-for-raw-RAM-dumpfiles.patch
|
||||
Patch6: 0003-arm64-update-mapping-symbol-filter-in-arm64_verify_s.patch
|
||||
Patch7: 0004-extensions-eppic.mk-move-ping-check-to-recipe-script.patch
|
||||
Patch8: 0005-Fix-segmentation-fault-when-ikconfig-passed-nonstand.patch
|
||||
Patch9: 0006-netdump-fix-illegal-read-from-already-freed-buffer.patch
|
||||
Patch10: 0007-tools-fix-potential-source-and-destination-overlap-w.patch
|
||||
Patch11: 0008-set-add-ability-to-un-set-scope.patch
|
||||
Patch12: 0009-Fix-sys-t-mod-S-after-mod-t-when-crash-runs-with-s-o.patch
|
||||
Patch13: 0010-Fix-dev-d-option-on-Linux-5.11-rc1-and-later-kernels.patch
|
||||
Patch14: 0011-Fix-kmem-v-option-on-Linux-5.11-rc1-and-later-kernel.patch
|
||||
Patch15: 0012-mod-Show-the-base-address-of-module.patch
|
||||
Patch16: 0013-xen-increase-__PHYSICAL_MASK_SHIFT_XEN-to-52.patch
|
||||
Patch1: printk-add-support-for-lockless-ringbuffer.patch
|
||||
Patch2: printk-use-committed-finalized-state-values.patch
|
||||
Patch3: 0001-x86_64-VC-exception-stack-support.patch
|
||||
Patch4: 0002-netdump-fix-regression-for-raw-RAM-dumpfiles.patch
|
||||
Patch5: 0003-arm64-update-mapping-symbol-filter-in-arm64_verify_s.patch
|
||||
Patch6: 0004-extensions-eppic.mk-move-ping-check-to-recipe-script.patch
|
||||
Patch7: 0005-Fix-segmentation-fault-when-ikconfig-passed-nonstand.patch
|
||||
Patch8: 0006-netdump-fix-illegal-read-from-already-freed-buffer.patch
|
||||
Patch9: 0007-tools-fix-potential-source-and-destination-overlap-w.patch
|
||||
Patch10: 0008-set-add-ability-to-un-set-scope.patch
|
||||
Patch11: 0009-Fix-sys-t-mod-S-after-mod-t-when-crash-runs-with-s-o.patch
|
||||
Patch12: 0010-Fix-dev-d-option-on-Linux-5.11-rc1-and-later-kernels.patch
|
||||
Patch13: 0011-Fix-kmem-v-option-on-Linux-5.11-rc1-and-later-kernel.patch
|
||||
Patch14: 0012-mod-Show-the-base-address-of-module.patch
|
||||
Patch15: 0013-xen-increase-__PHYSICAL_MASK_SHIFT_XEN-to-52.patch
|
||||
Patch16: 0014-log-change-log-level-print-in-older-kernels.patch
|
||||
Patch17: 0015-Makefile-reduce-crash-build-log.patch
|
||||
Patch18: 0016-x86_64-fix-bt-command-on-5.12-rc1-and-later-kernels.patch
|
||||
Patch19: 0017-Add-valgrind-support-for-the-crash-s-custom-memory-a.patch
|
||||
Patch20: 0018-symbols-Fix-potential-read-to-already-freed-object.patch
|
||||
Patch21: 0019-tools-Fix-potential-write-to-object-of-0-size.patch
|
||||
|
||||
%description
|
||||
The core analysis suite is a self-contained tool that can be used to
|
||||
@ -54,9 +59,9 @@ offered by Mission Critical Linux, or the LKCD kernel patch.
|
||||
%prep
|
||||
%setup -n %{name}-%{version} -q
|
||||
%patch0 -p1 -b lzo_snappy.patch
|
||||
%patch1 -p1 -b use_system_readline_v3.patch
|
||||
%patch2 -p1 -b printk-add-support-for-lockless-ringbuffer.patch
|
||||
%patch3 -p1 -b printk-use-committed-finalized-state-values.patch
|
||||
%patch1 -p1 -b printk-add-support-for-lockless-ringbuffer.patch
|
||||
%patch2 -p1 -b printk-use-committed-finalized-state-values.patch
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
@ -70,6 +75,11 @@ offered by Mission Critical Linux, or the LKCD kernel patch.
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
%patch17 -p1
|
||||
%patch18 -p1
|
||||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
|
||||
%build
|
||||
# This package has an internal copy of GDB which has broken configure code for
|
||||
@ -101,6 +111,10 @@ cp -p defs.h %{buildroot}%{_includedir}/crash
|
||||
%{_includedir}/*
|
||||
|
||||
%changelog
|
||||
* Mon Mar 08 2021 Lianbo Jiang <lijiang@redhat.com> - 7.2.9-5
|
||||
- Fix Segmentation fault
|
||||
- Update to the latest upstream: commit <9c0c6c1b3750>
|
||||
|
||||
* Fri Feb 05 2021 Lianbo Jiang <lijiang@redhat.com> - 7.2.9-4
|
||||
- Update to the latest upstream: commit <fdb41f0b6fa4>
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user