linux-toradex.git/scripts/kallsyms.c, branch v3.0.3 Linux kernel for Apalis and Colibri modules scripts/kallsyms.c: fix potential segfault 2011-05-12T15:23:40+00:00 Xiaochen Wang wangxiaochen0@gmail.com 2011-05-01T03:41:41+00:00 e0a04b11e4059cab033469617c2a3ce2d8cab416 Description: This bug hardly appears during real kernel compiling, because the vmlinux symbols table is huge. But we can still catch it under strict condition , as follows. $ echo "c101b97b T do_fork" | ./scripts/kallsyms --all-symbols #include <asm/types.h> ...... ...... .globl kallsyms_token_table ALGN kallsyms_token_table: Segmentation fault (core dumped) $ If symbols table is small, all entries in token_profit[0x10000] may decrease to 0 after several calls of compress_symbols() in optimize_result(). In that case, find_best_token() always return 0 and best_table[i] is set to "\0\0" and best_table_len[i] is set to 2. As a result, expand_symbol(best_table[0]="\0\0", best_table_len[0]=2, buf) in write_src() will run in infinite recursion until stack overflows, causing segfault. This patch checks the find_best_token() return value. If all entries in token_profit[0x10000] become 0 according to return value, it breaks the loop in optimize_result(). And expand_symbol() works well when best_table_len[i] is 0. Signed-off-by: Xiaochen Wang <wangxiaochen0@gmail.com> Acked-by: Paulo Marques <pmarques@grupopie.com> Signed-off-by: Michal Marek <mmarek@suse.cz> 
Description:
This bug hardly appears during real kernel compiling,
 because the vmlinux symbols table is huge.

But we can still catch it under strict condition , as follows.
   $ echo "c101b97b T do_fork" | ./scripts/kallsyms --all-symbols
   #include <asm/types.h>
   ......
   ......
   .globl kallsyms_token_table
           ALGN
   kallsyms_token_table:
   Segmentation fault (core dumped)
   $

If symbols table is small, all entries in token_profit[0x10000] may
decrease to 0 after several calls of compress_symbols() in optimize_result().
In that case, find_best_token() always return 0 and
best_table[i] is set to "\0\0" and best_table_len[i] is set to 2.

As a result, expand_symbol(best_table[0]="\0\0", best_table_len[0]=2, buf)
in write_src() will run in infinite recursion until stack overflows,
causing segfault.

This patch checks the find_best_token() return value. If all entries in
token_profit[0x10000] become 0 according to return value, it breaks the loop
in optimize_result().
And expand_symbol() works well when best_table_len[i] is 0.

Signed-off-by: Xiaochen Wang <wangxiaochen0@gmail.com>
Acked-by: Paulo Marques <pmarques@grupopie.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
scripts/kallsyms: Enable error messages while hush up unnecessary warnings 2010-09-29T14:18:27+00:00 Jean Sacren sakiwit@gmail.com 2010-09-11T05:13:33+00:00 ef894870c6c38580e540c29cfb22a827d54a950a As no error was handled, we wouldn't be able to know when an error does occur. The fix preserves error messages while it doesn't let unnecessary compiling warnings show up. Signed-off-by: Jean Sacren <sakiwit@gmail.com> Signed-off-by: Michal Marek <mmarek@suse.cz> 
As no error was handled, we wouldn't be able to know when an error does
occur. The fix preserves error messages while it doesn't let unnecessary
compiling warnings show up.

Signed-off-by: Jean Sacren <sakiwit@gmail.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
scripts/kallsyms: suppress build warning 2010-02-02T13:33:56+00:00 Himanshu Chauhan hschauhan@nulltrace.org 2010-01-28T00:53:20+00:00 71d41aed9468a1239cff1b2d928954885b09de6c Suppress a warn_unused_result warning. fgets is called as a part of error handling. It is called just to drop a line and return immediately. read_map is reading the file in a loop and read_symbol reads line by line. So I think there is no point in using return value for useful checking. Other checks like 3 items were returned or !EOF have already been done. Signed-off-by: Himanshu Chauhan <hschauhan@nulltrace.org> Cc: WANG Cong <xiyou.wangcong@gmail.com> Cc: Michal Marek <mmarek@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Michal Marek <mmarek@suse.cz> 
Suppress a warn_unused_result warning.

fgets is called as a part of error handling.  It is called just to drop a
line and return immediately.  read_map is reading the file in a loop and
read_symbol reads line by line.  So I think there is no point in using
return value for useful checking.  Other checks like 3 items were returned
or !EOF have already been done.

Signed-off-by: Himanshu Chauhan <hschauhan@nulltrace.org>
Cc: WANG Cong <xiyou.wangcong@gmail.com>
Cc: Michal Marek <mmarek@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
kallsyms: fix segfault in prefix_underscores_count() 2009-09-23T14:39:30+00:00 Paul Mundt lethal@linux-sh.org 2009-09-22T23:44:12+00:00 a9ece53c4089ef23d4002d34c4c7148d94622a40 Commit b478b782e110fdb4135caa3062b6d687e989d994 "kallsyms, tracing: output more proper symbol name" introduces a "bugfix" that introduces a segfault in kallsyms in my configurations. The cause is the introduction of prefix_underscores_count() which attempts to count underscores, even in symbols that do not have them. As a result, it just uselessly runs past the end of the buffer until it crashes: CC init/version.o LD init/built-in.o LD .tmp_vmlinux1 KSYM .tmp_kallsyms1.S /bin/sh: line 1: 16934 Done sh-linux-gnu-nm -n .tmp_vmlinux1 16935 Segmentation fault | scripts/kallsyms > .tmp_kallsyms1.S make: *** [.tmp_kallsyms1.S] Error 139 This simplifies the logic and just does a straightforward count. Signed-off-by: Paul Mundt <lethal@linux-sh.org> Reviewed-by: Li Zefan <lizf@cn.fujitsu.com> Cc: Lai Jiangshan <laijs@cn.fujitsu.com> Cc: Sam Ravnborg <sam@ravnborg.org> Cc: Paulo Marques <pmarques@grupopie.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: <stable@kernel.org> [2.6.30.x, 2.6.31.x] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Commit b478b782e110fdb4135caa3062b6d687e989d994 "kallsyms, tracing: output
more proper symbol name" introduces a "bugfix" that introduces a segfault
in kallsyms in my configurations.

The cause is the introduction of prefix_underscores_count() which attempts
to count underscores, even in symbols that do not have them.  As a result,
it just uselessly runs past the end of the buffer until it crashes:

  CC      init/version.o
  LD      init/built-in.o
  LD      .tmp_vmlinux1
  KSYM    .tmp_kallsyms1.S
/bin/sh: line 1: 16934 Done                    sh-linux-gnu-nm -n .tmp_vmlinux1
     16935 Segmentation fault      | scripts/kallsyms > .tmp_kallsyms1.S
make: *** [.tmp_kallsyms1.S] Error 139

This simplifies the logic and just does a straightforward count.

Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Reviewed-by: Li Zefan <lizf@cn.fujitsu.com>
Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
Cc: Sam Ravnborg <sam@ravnborg.org>
Cc: Paulo Marques <pmarques@grupopie.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: <stable@kernel.org>		[2.6.30.x, 2.6.31.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
kallsyms: fix inverted valid symbol checking 2009-06-20T11:33:23+00:00 Mike Frysinger vapier@gentoo.org 2009-06-15T11:52:48+00:00 ac6ca5c86c63dd95acc6a34dff8d33c23b703a37 The previous commit (17b1f0de) introduced a slightly broken consolidation of the memory text range checking. Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Sam Ravnborg <sam@ravnborg.org> 
The previous commit (17b1f0de) introduced a slightly broken consolidation
of the memory text range checking.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
kallsyms: generalize text region handling 2009-06-14T20:43:46+00:00 Mike Frysinger vapier@gentoo.org 2009-06-08T23:12:13+00:00 17b1f0de79dbdf5cfb2686b63a7fb9ecc440da7c Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Sam Ravnborg <sam@ravnborg.org> 
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
kallsyms: support kernel symbols in Blackfin on-chip memory 2009-06-14T20:43:45+00:00 Robin Getz robin.getz@analog.com 2006-07-10T06:25:40+00:00 028f042613c3c99db20dd7f4e4069fbbcea92dd7 The Blackfin arch has a discontiguous .text layout due to having on-chip instruction memory and no virtual memory support. As such, we need to add explicit checks for these additional .text regions. Signed-off-by: Robin Getz <robin.getz@analog.com> Signed-off-by: Bryan Wu <cooloney@kernel.org> Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Sam Ravnborg <sam@ravnborg.org> 
The Blackfin arch has a discontiguous .text layout due to having on-chip
instruction memory and no virtual memory support.  As such, we need to
add explicit checks for these additional .text regions.

Signed-off-by: Robin Getz <robin.getz@analog.com>
Signed-off-by: Bryan Wu <cooloney@kernel.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
kallsyms, tracing: output more proper symbol name 2009-03-14T08:55:04+00:00 Lai Jiangshan laijs@cn.fujitsu.com 2009-03-13T07:10:26+00:00 b478b782e110fdb4135caa3062b6d687e989d994 Impact: bugfix, output more reliable symbol lookup result Debug tools(dump_stack(), ftrace...) are like to print out symbols. But it is always print out the first aliased symbol.(Aliased symbols are symbols with the same address), and the first aliased symbol is sometime not proper. # echo function_graph > current_tracer # cat trace ...... 1) 1.923 us | select_nohz_load_balancer(); 1) + 76.692 us | } 1) | default_idle() { 1) ==========> | __irqentry_text_start() { 1) 0.000 us | native_apic_mem_write(); 1) | irq_enter() { 1) 0.000 us | idle_cpu(); 1) | tick_check_idle() { 1) 0.000 us | tick_check_oneshot_broadcast(); 1) | tick_nohz_stop_idle() { ...... It's very embarrassing, it ouputs "__irqentry_text_start()", actually, it should output "smp_apic_timer_interrupt()". (these two symbol are the same address, but "__irqentry_text_start" is deemed to the first aliased symbol by scripts/kallsyms) This patch puts symbols like "__irqentry_text_start" to the second aliased symbols. And a more proper symbol name becomes the first. Aliased symbols mostly come from linker script. The solution is guessing "is this symbol defined in linker script", the symbols defined in linker script will not become the first aliased symbol. And if symbols are found to be equal in this "linker script provided" criteria, symbols are sorted by the number of prefix underscores. Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com> Acked-by: Sam Ravnborg <sam@ravnborg.org> Reviewed-by: Paulo Marques <pmarques@grupopie.com> LKML-Reference: <49BA06E2.7080807@cn.fujitsu.com> Signed-off-by: Ingo Molnar <mingo@elte.hu> 
Impact: bugfix, output more reliable symbol lookup result

Debug tools(dump_stack(), ftrace...) are like to print out symbols.
But it is always print out the first aliased symbol.(Aliased symbols
are symbols with the same address), and the first aliased symbol is
sometime not proper.

 # echo function_graph > current_tracer
 # cat trace
......
 1)   1.923 us    |    select_nohz_load_balancer();
 1) + 76.692 us   |  }
 1)               |  default_idle() {
 1)   ==========> |    __irqentry_text_start() {
 1)   0.000 us    |      native_apic_mem_write();
 1)               |      irq_enter() {
 1)   0.000 us    |        idle_cpu();
 1)               |        tick_check_idle() {
 1)   0.000 us    |          tick_check_oneshot_broadcast();
 1)               |          tick_nohz_stop_idle() {
......

It's very embarrassing, it ouputs "__irqentry_text_start()",
actually, it should output "smp_apic_timer_interrupt()".
(these two symbol are the same address, but "__irqentry_text_start"
is deemed to the first aliased symbol by scripts/kallsyms)

This patch puts symbols like "__irqentry_text_start" to the second
aliased symbols. And a more proper symbol name becomes the first.

Aliased symbols mostly come from linker script. The solution is
guessing "is this symbol defined in linker script", the symbols
defined in linker script will not become the first aliased symbol.

And if symbols are found to be equal in this "linker script provided"
criteria, symbols are sorted by the number of prefix underscores.

Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Acked-by: Sam Ravnborg <sam@ravnborg.org>
Reviewed-by: Paulo Marques <pmarques@grupopie.com>
LKML-Reference: <49BA06E2.7080807@cn.fujitsu.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Revert "kbuild: strip generated symbols from *.ko" 2009-01-14T20:38:20+00:00 Sam Ravnborg sam@ravnborg.org 2009-01-14T20:38:20+00:00 2ea038917bbdd51a7ae4a898c6a04641324dd033 This reverts commit ad7a953c522ceb496611d127e51e278bfe0ff483. And commit: ("allow stripping of generated symbols under CONFIG_KALLSYMS_ALL") 9bb482476c6c9d1ae033306440c51ceac93ea80c These stripping patches has caused a set of issues: 1) People have reported compatibility issues with binutils due to lack of support for `--strip-unneeded-symbols' with objcopy 2.15.92.0.2 Reported by: Wenji 2) ccache and distcc no longer works as expeced Reported by: Ted, Roland, + others 3) The installed modules increased a lot in size Reported by: Ted, Davej + others Reported-by: Wenji Huang <wenji.huang@oracle.com> Reported-by: "Theodore Ts'o" <tytso@mit.edu> Reported-by: Dave Jones <davej@redhat.com> Reported-by: Roland McGrath <roland@redhat.com> Signed-off-by: Sam Ravnborg <sam@ravnborg.org> 
This reverts commit ad7a953c522ceb496611d127e51e278bfe0ff483.

And commit: ("allow stripping of generated symbols under CONFIG_KALLSYMS_ALL")
            9bb482476c6c9d1ae033306440c51ceac93ea80c

These stripping patches has caused a set of issues:

1) People have reported compatibility issues with binutils due to
   lack of support for `--strip-unneeded-symbols' with objcopy 2.15.92.0.2
   Reported by: Wenji
2) ccache and distcc no longer works as expeced
   Reported by: Ted, Roland, + others
3) The installed modules increased a lot in size
   Reported by: Ted, Davej + others

Reported-by: Wenji Huang <wenji.huang@oracle.com>
Reported-by: "Theodore Ts'o" <tytso@mit.edu>
Reported-by: Dave Jones <davej@redhat.com>
Reported-by: Roland McGrath <roland@redhat.com>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
allow stripping of generated symbols under CONFIG_KALLSYMS_ALL 2008-12-19T21:47:10+00:00 Jan Beulich jbeulich@novell.com 2008-12-16T11:30:08+00:00 9bb482476c6c9d1ae033306440c51ceac93ea80c Building upon parts of the module stripping patch, this patch introduces similar stripping for vmlinux when CONFIG_KALLSYMS_ALL=y. Using CONFIG_KALLSYMS_STRIP_GENERATED reduces the overhead of CONFIG_KALLSYMS_ALL from 245k/310k to 65k/80k for the (i386/x86-64) kernels I tested with. The patch also does away with the need to special case the kallsyms- internal symbols by making them available even in the first linking stage. While it is a generated file, the patch includes the changes to scripts/genksyms/keywords.c_shipped, as I'm unsure what the procedure here is. Signed-off-by: Jan Beulich <jbeulich@novell.com> Signed-off-by: Sam Ravnborg <sam@ravnborg.org> 
Building upon parts of the module stripping patch, this patch
introduces similar stripping for vmlinux when CONFIG_KALLSYMS_ALL=y.
Using CONFIG_KALLSYMS_STRIP_GENERATED reduces the overhead of
CONFIG_KALLSYMS_ALL from 245k/310k to 65k/80k for the (i386/x86-64)
kernels I tested with.

The patch also does away with the need to special case the kallsyms-
internal symbols by making them available even in the first linking
stage.

While it is a generated file, the patch includes the changes to
scripts/genksyms/keywords.c_shipped, as I'm unsure what the procedure
here is.

Signed-off-by: Jan Beulich <jbeulich@novell.com>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>