[patch] crash on a KVM-generated dump

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

There's a bug in Debian bugzilla on crash crashing:

   http://bugs.debian.org/599353

Attached is a message I sent to that bug which contains a patch that
fixes the problem (but in a non-beautiful way).

Is there a redhat bugzilla entry for crash, by the way? Finding
applications there was kind of hard, especially given that the query
would be "crash".

	Sami


----- Forwarded message from Sami Liedes <sliedes@xxxxxxxxx> -----

Date: Thu, 7 Oct 2010 21:50:22 +0300
From: Sami Liedes <sliedes@xxxxxxxxx>
To: 599353@xxxxxxxxxxxxxxx
Subject: [patch] Hack to fix this crash
User-Agent: Mutt/1.5.20 (2009-06-14)

Hi,

The crashing is pretty nondeterministic; today the existence of $HOME
does not seem to have an effect (confirmed by Timo).

It seems to be caused by heap corruption. The code in fault is in
x86_64.c; On some core files (produced by KVM), the interrupt stack
size (machdep->machspec->stkinfo.isize) is somehow calculated to be 0,
and 0 is passed to malloc() in x86_64.c:342. Later data is written
through that pointer.

Here's a minimal patch (crude hack, not a real fix for the underlying
problem) to make this work:

------------------------------------------------------------
diff -ur crash-5.0.7/x86_64.c crash-5.0.7.patched//x86_64.c
--- crash-5.0.7/x86_64.c	2010-08-27 20:36:18.000000000 +0300
+++ crash-5.0.7.patched//x86_64.c	2010-10-07 21:23:16.079119657 +0300
@@ -339,6 +339,9 @@
 			x86_64_per_cpu_init();
 		x86_64_ist_init();
 		machdep->in_alternate_stack = x86_64_in_alternate_stack;
+		/* HACK */
+		if (machdep->machspec->stkinfo.isize == 0)
+		    machdep->machspec->stkinfo.isize = 65536;
                 if ((machdep->machspec->irqstack = (char *)
 		    malloc(machdep->machspec->stkinfo.isize)) == NULL)
                         error(FATAL, "cannot malloc irqstack space.");
------------------------------------------------------------

Here are the valgrind warnings produced (search for "invalid write" to
find the fault causing this; not that the other problems would not be
worth fixing):

------------------------------------------------------------
$ valgrind crash vmlinux new.core
==10013== Memcheck, a memory error detector
==10013== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==10013== Using Valgrind-3.6.0.SVN-Debian and LibVEX; rerun with -h for copyright info
==10013== Command: crash vmlinux new.core
==10013== 

crash 5.0.7
Copyright (C) 2002-2010  Red Hat, Inc.
Copyright (C) 2004, 2005, 2006  IBM Corporation
Copyright (C) 1999-2006  Hewlett-Packard Co
Copyright (C) 2005, 2006  Fujitsu Limited
Copyright (C) 2006, 2007  VA Linux Systems Japan K.K.
Copyright (C) 2005  NEC Corporation
Copyright (C) 1999, 2002, 2007  Silicon Graphics, Inc.
Copyright (C) 1999, 2000, 2001, 2002  Mission Critical Linux, Inc.
This program is free software, covered by the GNU General Public License,
and you are welcome to change it and/or distribute copies of it under
certain conditions.  Enter "help copying" to see the conditions.
This program has absolutely no warranty.  Enter "help warranty" for details.
 
GNU gdb (GDB) 7.0                               
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu"...

==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x5079290: inflateReset2 (inflate.c:157)
==10013==    by 0x507937F: inflateInit2_ (inflate.c:193)
==10013==    by 0x4DB05B: read_in_kernel_config (kernel.c:6708)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x4C26BB7: __GI___rawmemchr (mc_replace_strmem.c:729)
==10013==    by 0x577D1FF: _IO_str_init_static_internal (strops.c:45)
==10013==    by 0x57613E4: __isoc99_vsscanf (isoc99_vsscanf.c:42)
==10013==    by 0x5761377: __isoc99_sscanf (isoc99_sscanf.c:33)
==10013==    by 0x4DB12B: read_in_kernel_config (kernel.c:6733)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013== 
==10013== Use of uninitialised value of size 8
==10013==    at 0x5758FFF: _IO_vfscanf (vfscanf.c:600)
==10013==    by 0x57613F9: __isoc99_vsscanf (isoc99_vsscanf.c:44)
==10013==    by 0x5761377: __isoc99_sscanf (isoc99_sscanf.c:33)
==10013==    by 0x4DB12B: read_in_kernel_config (kernel.c:6733)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x5759014: _IO_vfscanf (vfscanf.c:602)
==10013==    by 0x57613F9: __isoc99_vsscanf (isoc99_vsscanf.c:44)
==10013==    by 0x5761377: __isoc99_sscanf (isoc99_sscanf.c:33)
==10013==    by 0x4DB12B: read_in_kernel_config (kernel.c:6733)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x577B789: _IO_sputbackc (genops.c:730)
==10013==    by 0x5759042: _IO_vfscanf (vfscanf.c:602)
==10013==    by 0x57613F9: __isoc99_vsscanf (isoc99_vsscanf.c:44)
==10013==    by 0x5761377: __isoc99_sscanf (isoc99_sscanf.c:33)
==10013==    by 0x4DB12B: read_in_kernel_config (kernel.c:6733)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x4C26BAA: __GI___rawmemchr (mc_replace_strmem.c:729)
==10013==    by 0x577D1FF: _IO_str_init_static_internal (strops.c:45)
==10013==    by 0x57613E4: __isoc99_vsscanf (isoc99_vsscanf.c:42)
==10013==    by 0x5761377: __isoc99_sscanf (isoc99_sscanf.c:33)
==10013==    by 0x4DB12B: read_in_kernel_config (kernel.c:6733)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013== 
==10013== Use of uninitialised value of size 8
==10013==    at 0x575B66C: _IO_vfscanf (vfscanf.c:2734)
==10013==    by 0x57613F9: __isoc99_vsscanf (isoc99_vsscanf.c:44)
==10013==    by 0x5761377: __isoc99_sscanf (isoc99_sscanf.c:33)
==10013==    by 0x4DB12B: read_in_kernel_config (kernel.c:6733)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013== 
==10013== Use of uninitialised value of size 8
==10013==    at 0x575B70B: _IO_vfscanf (vfscanf.c:2734)
==10013==    by 0x57613F9: __isoc99_vsscanf (isoc99_vsscanf.c:44)
==10013==    by 0x5761377: __isoc99_sscanf (isoc99_sscanf.c:33)
==10013==    by 0x4DB12B: read_in_kernel_config (kernel.c:6733)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x46318F: whitespace (tools.c:222)
==10013==    by 0x4DB1A4: read_in_kernel_config (kernel.c:6743)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x463195: whitespace (tools.c:222)
==10013==    by 0x4DB1A4: read_in_kernel_config (kernel.c:6743)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x4DB1B2: read_in_kernel_config (kernel.c:6747)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x4C2536A: __GI_strchr (mc_replace_strmem.c:144)
==10013==    by 0x4DB218: read_in_kernel_config (kernel.c:6755)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x4C25380: __GI_strchr (mc_replace_strmem.c:144)
==10013==    by 0x4DB218: read_in_kernel_config (kernel.c:6755)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
==10013== Conditional jump or move depends on uninitialised value(s)
==10013==    at 0x4C2537A: __GI_strchr (mc_replace_strmem.c:144)
==10013==    by 0x4DB218: read_in_kernel_config (kernel.c:6755)
==10013==    by 0x45D82B: main_loop (main.c:552)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
WARNING: cannot determine how modules are linked
WARNING: no kernel module access

==10013== Invalid write of size 1               
==10013==    at 0x4C26A88: memset (mc_replace_strmem.c:602)
==10013==    by 0x561F36: read_kvmdump (kvmdump.c:174)
==10013==    by 0x473D3F: readmem (memory.c:1842)
==10013==    by 0x4EC125: x86_64_post_init (x86_64.c:1062)
==10013==    by 0x4E8E56: x86_64_init (x86_64.c:415)
==10013==    by 0x45D871: main_loop (main.c:563)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==  Address 0x5b183e0 is 0 bytes after a block of size 0 alloc'd
==10013==    at 0x4C244E8: malloc (vg_replace_malloc.c:236)
==10013==    by 0x4E8AF3: x86_64_init (x86_64.c:342)
==10013==    by 0x45D83A: main_loop (main.c:554)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
==10013== Invalid write of size 1
==10013==    at 0x4C26A8C: memset (mc_replace_strmem.c:602)
==10013==    by 0x561F36: read_kvmdump (kvmdump.c:174)
==10013==    by 0x473D3F: readmem (memory.c:1842)
==10013==    by 0x4EC125: x86_64_post_init (x86_64.c:1062)
==10013==    by 0x4E8E56: x86_64_init (x86_64.c:415)
==10013==    by 0x45D871: main_loop (main.c:563)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==  Address 0x5b183e1 is 1 bytes after a block of size 0 alloc'd
==10013==    at 0x4C244E8: malloc (vg_replace_malloc.c:236)
==10013==    by 0x4E8AF3: x86_64_init (x86_64.c:342)
==10013==    by 0x45D83A: main_loop (main.c:554)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
==10013== Invalid write of size 1
==10013==    at 0x4C26A94: memset (mc_replace_strmem.c:602)
==10013==    by 0x561F36: read_kvmdump (kvmdump.c:174)
==10013==    by 0x473D3F: readmem (memory.c:1842)
==10013==    by 0x4EC125: x86_64_post_init (x86_64.c:1062)
==10013==    by 0x4E8E56: x86_64_init (x86_64.c:415)
==10013==    by 0x45D871: main_loop (main.c:563)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==  Address 0x5b183e2 is 2 bytes after a block of size 0 alloc'd
==10013==    at 0x4C244E8: malloc (vg_replace_malloc.c:236)
==10013==    by 0x4E8AF3: x86_64_init (x86_64.c:342)
==10013==    by 0x45D83A: main_loop (main.c:554)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
==10013== Invalid write of size 1
==10013==    at 0x4C26A99: memset (mc_replace_strmem.c:602)
==10013==    by 0x561F36: read_kvmdump (kvmdump.c:174)
==10013==    by 0x473D3F: readmem (memory.c:1842)
==10013==    by 0x4EC125: x86_64_post_init (x86_64.c:1062)
==10013==    by 0x4E8E56: x86_64_init (x86_64.c:415)
==10013==    by 0x45D871: main_loop (main.c:563)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==  Address 0x5b183e3 is 3 bytes after a block of size 0 alloc'd
==10013==    at 0x4C244E8: malloc (vg_replace_malloc.c:236)
==10013==    by 0x4E8AF3: x86_64_init (x86_64.c:342)
==10013==    by 0x45D83A: main_loop (main.c:554)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
==10013== Invalid write of size 1
==10013==    at 0x4C26AA9: memset (mc_replace_strmem.c:602)
==10013==    by 0x561F36: read_kvmdump (kvmdump.c:174)
==10013==    by 0x473D3F: readmem (memory.c:1842)
==10013==    by 0x4EC125: x86_64_post_init (x86_64.c:1062)
==10013==    by 0x4E8E56: x86_64_init (x86_64.c:415)
==10013==    by 0x45D871: main_loop (main.c:563)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==  Address 0x5b183e8 is 8 bytes after a block of size 0 alloc'd
==10013==    at 0x4C244E8: malloc (vg_replace_malloc.c:236)
==10013==    by 0x4E8AF3: x86_64_init (x86_64.c:342)
==10013==    by 0x45D83A: main_loop (main.c:554)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013==    by 0x4DBA55: gdb_main_loop (gdb_interface.c:78)
==10013==    by 0x45D78E: main (main.c:525)
==10013== 
      KERNEL: vmlinux
    DUMPFILE: new.core
        CPUS: 1
        DATE: Fri Oct  1 21:26:15 2010
      UPTIME: 00:00:56
LOAD AVERAGE: 0.14, 0.05, 0.02
       TASKS: 45
    NODENAME: fstest
     RELEASE: 2.6.35.6
     VERSION: #2 Wed Sep 29 15:05:49 EEST 2010
     MACHINE: x86_64  (2394 Mhz)
==10013== Source and destination overlap in strcpy(0x7fefffae2, 0x7fefffae4)
==10013==    at 0x4C25918: strcpy (mc_replace_strmem.c:311)
==10013==    by 0x46E9DE: pages_to_size (tools.c:4640)
==10013==    by 0x49393F: get_memory_size (memory.c:11145)
==10013==    by 0x4CFFC5: display_sys_stats (kernel.c:3927)
==10013==    by 0x45D934: main_loop (main.c:581)
==10013==    by 0x584413: current_interp_command_loop (interps.c:288)
==10013==    by 0x584DD2: captured_command_loop (main.c:226)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585ECB: captured_main (main.c:924)
==10013==    by 0x583E33: catch_errors (exceptions.c:520)
==10013==    by 0x585F10: gdb_main (main.c:939)
==10013==    by 0x585F65: gdb_main_entry (main.c:959)
==10013== 
      MEMORY: 1 GB
       PANIC: ""
         PID: 0
     COMMAND: "swapper"
        TASK: ffffffff81a13040  [THREAD_INFO: ffffffff81a00000]
         CPU: 0
       STATE: TASK_RUNNING (ACTIVE)
     WARNING: panic task not found

crash> q
==10013== 
==10013== HEAP SUMMARY:
==10013==     in use at exit: 53,444,536 bytes in 10,730 blocks
==10013==   total heap usage: 396,156 allocs, 385,426 frees, 2,187,205,021 bytes allocated
==10013== 
==10013== LEAK SUMMARY:
==10013==    definitely lost: 6,414 bytes in 35 blocks
==10013==    indirectly lost: 24 bytes in 1 blocks
==10013==      possibly lost: 42,174,127 bytes in 8,022 blocks
==10013==    still reachable: 11,263,971 bytes in 2,672 blocks
==10013==         suppressed: 0 bytes in 0 blocks
==10013== Rerun with --leak-check=full to see details of leaked memory
==10013== 
==10013== For counts of detected and suppressed errors, rerun with: -v
==10013== Use --track-origins=yes to see where uninitialised values come from
==10013== ERROR SUMMARY: 6710 errors from 21 contexts (suppressed: 4 from 4)
------------------------------------------------------------

	Sami

----- End forwarded message -----

Attachment: signature.asc
Description: Digital signature

--
Crash-utility mailing list
Crash-utility@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/crash-utility

[Index of Archives]     [Fedora Development]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]

 

Powered by Linux