[Crash-utility] [RFC PATCH] struct: Fix handling of percpu symbols

Aaron Tomlin atomlin at redhat.com
Mon Apr 25 15:16:51 UTC 2016


On Thu 2016-04-21 14:59 -0400, Dave Anderson wrote:

Hi Dave,

> Sorry for the delay in getting around to testing this patch.

No problem at all.

> My first test attempt was with the kmalloc-32 slab freelist corruption vmcores
> that I'm looking at, just because they involve the kmem_cache data structure,
> which contains a per-cpu pointer to each cpu's kmem_cache_cpu structure:
> 
>   struct kmem_cache {
>         struct kmem_cache_cpu __percpu *cpu_slab;
>         ...

[ ... ]

> Now, with your patch applied, I get this:
> 
>   crash> kmem_cache_cpu 163c0:a
>   struct: invalid percpu symbol value: 163c0
>   crash> 
> 
> I tried it both with your original patch, and with your original patch 
> with your updated open_tmpfile() segment jammed in.

IIUC, the cpu_slab object is allocated from the dynamic percpu area.
Unfortunately the patch only takes into consideration static in-kernel
percpu symbols, i.e. those within the range of __per_cpu_start and
__per_cpu_end.

Not sure how to test for such percpu symbols at the moment.

Looking at the patch again perhaps the following is more suitable for
per_cpu_symbol_value_search():

--- a/symbols.c
+++ b/symbols.c
@@ -5181,7 +5181,8 @@ per_cpu_symbol_value_search(ulong value)
        if ((sp = symval_hash_search(value)) == NULL)
                sp = st->symtable;

-       for (; sp < st->symend; sp++)
+       for (; sp < st->__per_cpu_end; sp++)
+
                if (value == sp->value)
                        return sp = __per_cpu_symbol_search(sp->name);
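
Review bot: The new bound on the `for` line compares `sp`, which walks symbol table entries starting from `st->symtable`, against `st->__per_cpu_end`, and the hunk shows no declaration for that field. If it holds the address of the `__per_cpu_end` symbol rather than a pointer into the symbol table, the comparison mixes a table pointer with a kernel address, so the loop either never runs or does not stop at the end of the table. Consider keeping `sp < st->symend` as the bound and applying the percpu range test to `value` (or `sp->value`) inside the loop instead. The empty `+` line between the `for` header and its `if` body should also be dropped. As the message itself notes, a test against the static range alone would still reject dynamically allocated percpu addresses such as the `163c0` case quoted above.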



-- 
Aaron Tomlin
