This patch series allows the arch-specific kernel fault handlers to dump
the command line parameters of the faulting process.

The motivation for this patch is that it's sometimes quite hard to find out and
annoying to not know which program *exactly* faulted when looking at the syslog.

Some examples from the syslog are:

On parisc:
   do_page_fault() command='cc1' type=15 address=0x00000000 in 
libc-2.33.so[f6abb000+184000]
   CPU: 1 PID: 13472 Comm: cc1 Tainted: G            E     5.10.133+ #45
   Hardware name: 9000/785/C8000

-> We see the "cc1" compiler crashed, but it would be useful to know which file 
was compiled.

With this patch series, the kernel now prints in addition:
   cc1[13472] cmdline: /usr/lib/gcc/hppa-linux-gnu/12/cc1 -quiet @/tmp/ccRkFSfY 
-imultilib . -imultiarch hppa-linux-gnu -D USE_MINIINTERPRETER -D NO_REGS -D 
_HPUX_SOURCE -D NOSMP -D THREADED_RTS -include 
/build/ghc/ghc-9.0.2/includes/dist-install/build/ghcversion.h -iquote 
compiler/GHC/Iface -quiet -dumpdir /tmp/ghc13413_0/ -dumpbase ghc_5.hc 
-dumpbase-ext .hc -O -Wimplicit -fno-PIC -fwrapv -fno-builtin 
-fno-strict-aliasing -o /tmp/ghc13413_0/ghc_5.s

-> now we know that cc1 crashed while compiling some haskell code.

Another parisc example:
   do_page_fault() command='ld.so.1' type=15 address=0x565921d8 in 
libc.so[f7339000+1bb000]
   CPU: 1 PID: 1151 Comm: cc1 Tainted: G            E     5.10.133+ #45
   Hardware name: 9000/785/C8000

-> apparently here a program from the glibc testsuite segfaulted.

With this patch we now additionally get:
   ld.so.1[1151] cmdline: /home/gnu/glibc/objdir/elf/ld.so.1 --library-path 
/home/gnu/glibc/objdir:/home/gnu/glibc/objdir/math:/home/gnu/
        /home/gnu/glibc/objdir/malloc/tst-safe-linking-malloc-hugetlb1

-> it was the tst-safe-linking-malloc-hugetlb1 testcase which faulted.

An example of a typical x86 fault shows up as:
   crash[2326]: segfault at 0 ip 0000561a7969c12e sp 00007ffe97a05630 error 6 
in crash[561a7969c000+1000]
   Code: 68 ff ff ff c6 05 19 2f 00 00 01 5d c3 0f 1f 80 00 00 00 00 c3 0f 1f 
80 00 00 00 00 e9 7b ff ff ff 55 48 89 e5 b8 00 00 00 00 <c7> 00 01 00 00 00 b8 
00 00 00 00 5d c3 0f 1f 44 00 00 41 57 4c 8d

-> with this patch we now will see the whole command line:
   crash[2326] cmdline: ./crash test_write_to_page_0

The patches are relatively small, and reuses functions which are used
to create the output for the /proc/<pid>/cmdline files.

In this version 2 of the patch set, all or parts of the command line isn't
shown if the value of the kptr_restrict sysctl >= 1.

Thanks!
Helge

---

Changes compared to v1 of this patchset:
----------------------------------------
- Don't dump all or parts of the commandline depending on the
  kptr_restrict sysctl value (suggested by Josh Triplett).
- Patch sent to more arch mailing lists

Helge Deller (3):
  proc: Add get_task_cmdline_kernel() function
  lib/dump_stack: Add dump_stack_print_cmdline() and wire up in
    dump_stack_print_info()
  x86/fault: Dump command line of faulting process to syslog

 arch/x86/mm/fault.c     |  2 ++
 fs/proc/base.c          | 68 +++++++++++++++++++++++++++--------------
 include/linux/printk.h  |  5 +++
 include/linux/proc_fs.h |  5 +++
 lib/dump_stack.c        | 34 +++++++++++++++++++++
 5 files changed, 91 insertions(+), 23 deletions(-)

--
2.37.1

Reply via email to