← Back to team overview

kernel-packages team mailing list archive

[Bug 251288] Re: Crash should depend on binutils

 

This bug was fixed in the package crash - 6.1.6-1ubuntu0.12.04.1

---------------
crash (6.1.6-1ubuntu0.12.04.1) precise-proposed; urgency=low

  * Merge from Debian unstable (LP: #1064475). Remaining changes:
    - debian/rules: Always build extensions and package them.
    - debian/rules: Cleanup for extensions.
  * Dropped ubuntu changes:
    - SPU extension support.
  * debian/control: Add armhf to build architectures.

crash (6.1.6-1) unstable; urgency=low

  * New upstream version 6.1.6

  * Fix for a crash-6.1.5 regression that causes the "mount" command to fail
    on kernel versions prior to Linux 3.3.  Without the patch, the command
    fails with the message "mount: invalid structure member offset:
    mount_mnt_devname".

crash (6.1.5-1) UNRELEASED; urgency=low

  * New upstream version 6.1.6

  * Fix for the ARM "irq" command.  Without the patch, on 2.6.34 and later
    kernels configured with CONFIG_SPARSE_IRQ, the command fails with the
    error message "irq: cannot determine number of IRQs".

  * Fix for a segmentation violation generated during invocation while parsing
    a makedumpfile-created "flat-format" vmcore-incomplete file.  Without the
    patch, the crash session would display the error message "crash: unable to
    seek dump file vmcore-incomplete", followed by a segmentation violation.

  * Fix for a segmentation violation generated by the "kmem -s" option when
    encountering a corrupted array_cache structure that contains a bogus
    "avail" count that is greater than the maximum legitimate limit value.
    Without the patch, the "kmem -s" command would print a warning message
    regarding the invalid array_cache, complete the command normally, and then
    generate a segmentation violation when freeing buffers used by the
    command.

  * Update to the "kmem -s" function to include the errors found in slab
    structures to the display of total errors found when the command
    completes.  Without the patch, invalid list_head pointers, bad inuse
    counters, and bad s_mem pointers were not added to the total number of
    errors found.

  * Fix for "crash --osrelease <dumpfile>" and "crash --log <dumpfile>" when
    run on an ARM compressed kdump with a crash binary that was built with
    "make target=ARM" on an x86 or x86_64 host.  Without the patch, if the
    compressed kdump header version is 4 or 5, "crash --osrelease" fails with
    the error message "crash: compressed kdump: cannot lseek dump vmcoreinfo"
    followed by "unknown", and "crash --log" fails with the error message
    "crash: <dumpfile>: no VMCOREINFO section".

  * Enhancement to the "swap" command to display the swap_info_struct address
    of each configured swap device.  The output has been changed to display
    the address in the first column, and the variable-length device name has
    been moved to the last column.

  * Fix for the "kmem -[sS]" options on kernels that configured with both
    CONFIG_SLUB and CONFIG_NODES_SHIFT, and that are running on hardware that
    generates NUMA nodes that contain no memory.  Without the patch, both
    command options fail immediately with the message "kmem: invalid kernel
    virtual address: 8  type: kmem_cache_node nr_partial".

  * Increment the PPC64 NR_CPUS maximum value from 1024 to 2048.

  * Strip the ".isra." and ".part." appendages to cloned text symbol names,
    which seem to have been introduced by gcc-4.6.0.  To keep them intact, a
    "--no_strip" command line option has been added.

  * Patch to the internal gdb_get_datatype() function to return the typecode
    and length of integer variables.

  * Fix for the "dev -d" option on Linux 3.6 and later kernels.  Without the
    patch the option fails with the message "dev: invalid structure member
    offset: request_queue_rq".

  * Export the red/black tree utility functions rb_first(), rb_parent(),
    rb_right(), rb_left(), rp_next() and rb_last().  Without the patch, they
    are statically declared and only used by the "runq" command.

  * Implemented a new "timer -r" option that displays the hrtimer queues,
    supporting all versions from Linux 2.6.16 to the present.

  * Fix for "kmem -s" on Linux 3.8 and later kernels that are configured with
    CONFIG_SLAB.  The kmem_cache.array[] length has been extended to store the
    nodelist pointers, so the original method to determine the per-cpu array
    limit can go out-of-range.  Without the patch, during session
    initialization there may be a message that indicates "crash: invalid
    kernel virtual address: <address> type: array cache limit", followed by
    "crash: unable to initialize kmem slab cache subsystem"; if those messages
    do get shown, then "kmem -s" will subsequently fail during runtime with
    the message "kmem: kmem cache slab subsystem not available".

  * Two Xen hypervisor fixes: (1) Fix console buffer content length
    calculation: Function displaying console buffer always assumes its content
    length equal to console buffer size.  This is not true and sometimes it
    sends garbage to the screen. This patch fixes this issue.  (2) Improve
    calculation of beginning of virtual address space: Xen changeset 26447
    (x86: re-introduce map_domain_page() et al) once again altered virtual
    address space.  The current algorithm calculating its start could not cope
    with that change.  New version establishes this value on the base of image
    start address and is more generic.

  * Fix for the ARM "vtop" command when run on a module address.  Without the
    patch, the command fails with error message "vtop: ambiguous address:
    <module-address>  (requires -u or -k)".

  * Add the "--active" command line option to the crash(8) man page and to the
    "crash [-h|--help]" output.

  * Add the "--buildinfo" command line option to the crash(8) man page and to
    the "crash [-h|--help]" output.

  * Remove the unadvertised and unnecessary "--data_debug" command line
    option, given that it is the default setting.

  * Remove the unadvertised and obsolete "--no_namelist_gzip" command line
    option.

  * Add the "-g [namelist]" command line option to the crash(8) man page and
    to the "crash [-h|--help]" output.

  * Remove the unadvertised and never-implemented "--shadow_page_tables"
    command line option.

  * Fix for the ARM "vtop" command when run on a user virtual address of the
    panic task.  Prior to Linux 3.3, the panic task's pgd gets overwritten
    with a pgd that identity-maps the whole address space, and therefore crash
    loses the capability of translating any user virtual address into its
    original physical address.

  * Fix to prevent the ARM linker mapping symbols "$d" and "$a" from being
    added to the list of symbols from kernel modules.  Without the patch, the
    two symbols would only be rejected from the base kernel's symbol list, but
    would be added to the symbol list of individual kernel modules.

  * Fix for the X86_64 "bt" command to recognize that the kernel was built
    with CONFIG_FRAME_POINTER on Linux 3.7 and later kernels that are
    configured with CONFIG_FUNCTION_TRACER.  In those kernels, the special
    4-byte NOP instruction that can be overwritten during runtime for dynamic
    ftracing has been moved to the very beginning of each function, before the
    function preamble.  Without the patch, the test that checks the function
    preamble to determine whether CONFIG_FRAME_POINTER was configured would
    fail, which could potentially lead to less reliable backtraces.

crash (6.1.4-1) UNRELEASED; urgency=low

  * New upstream version 6.1.4

  * Fix for a crash-6.1.3 regression with respect to the loading of extension
    modules.  Because of the change that replaced the obsolete _init() and
    _fini() functions with constructor and destructor functions, extension
    modules may fail to load when the extension modules are built with older
    compiler/linkers.  The problem is due to the continued usage of the
    -nostartfiles compiler option regardless whether the extension module has
    replaced its _init() function with a constructor function; with older
    compiler/linkers, the module may fail to load.  The fix predetermines
    whether an extension module still uses _init() or if it has been updated
    to use a constructor function, and will use the -nostartfiles option only
    on older "legacy" modules.

  * Implemented a new "list -r" option that can be used with lists that are
    linked with list_head structures.  When invoked, the command will traverse
    the linked list in the reverse order by using the "prev" pointer instead
    of "next".

  * Fix for the "swap" command's FILENAME display.  In some kernels between
    2.6.32 and 2.6.38 the swap partition's pathname may not show the "/dev"
    filename component.

  * Fix for the "swap" command's PCT display, which will display a a negative
    percentage value if more than 5368709 swap pages are in use.

crash (6.1.3-1) unstable; urgency=low

  * New upstream version 6.1.3

  * Implemented a new "crash --log dumpfile" option which dumps the
  kernel log buffer and exits.  A kernel namelist is not required,
  but the dumpfile must contain the VMCOREINFO data from the ELF
  header of the original /proc/vmcore file that was created by the
  kexec/kdump facility.  Accordingly, this option supports kdump ELF
  vmcores and compressed kdump vmcores created by the makedumpfile
  facility, including those that are in makedumpfile's intermediary
  "vmcore.flat" format.

  * Fixes for the ppc64.c file to handle gcc-4.7.2 compiler warnings when
  building crash with "make warn", or compiler failures when building
  with "make Warn" on a PPC64 machine.  Without the patch, gcc-4.7.2
  generates three "error: variable ‘<variable>’ set but not used
  [-Werror=unused-but-set-variable]" messages.

  * Update the PPC64 architecure's internal storage of the kernel's
  MAX_PHYSMEM_BITS value for Linux 3.7 and later kernels, which changed
  from 44 to 46 to for 64TB support.  Without the patch, there is no
  known issue, but the stored value should be correct.

  * Fix for the "mount" command's header display to indicate "MOUNT"
  instead of "VFSMOUNT" on Linux 3.3 and later kernels because the
  the first column contains a mount structure address instead of a
  vfsmount structure address.  For those later kernels, it is
  permissable to enter either the mount structure address, or the
  address of the vfsmount structure that is embedded within it, as
  an optional argument.  The output has also been tightened up so
  that the DIRNAME field is not shifted to the right based upon the
  DEVNAME field length.

  * Fix for the "mount <superblock>" search option on 2.6.32 and later
  kernels.  Without the patch, it is possible that multiple filesystems
  will be displayed.

  * Update to the "mount" help page to indicate that a dentry address
  may be used as a search option.

  * Fix for the "ps -l [pid|task|command]" option to display the
  specified tasks sorted with the most recently-run task (the largest
  last_run/timestamp) shown first, as is done with the "ps -l" option
  with no arguments.  Without the patch, the timestamp data gets
  displayed in the order of the "[pid|task|command]" arguments.

  * Added the "ps" command to the set of supported "foreach" commands,
  serving as an alternative manner of passing task-identifying
  arguments to the "ps" command.  For example, a command such as
  "foreach RU ps" can be accomplished without having to pipe normal
  "ps" output to "grep RU".  All "ps" options are supported from the
  "foreach" framework.

  * Fix for the "ps -G" restrictor option such that it also takes affect
  if the -p, -c, -l, -a, -r or -g options are used.  Without the
  patch, thread group filtering would only take effect when the default
  "ps" command is used without any of the options above.

  * Fortify the internal hq_open() function to return FALSE if it is
  already open, and have restore_sanity() and restore_ifile_sanity()
  call hq_close() unconditionally.

  * Added the "extend" command to the set of built-in commands that
  support minimal mode.  A new MINIMAL flag has been created for
  extension modules to set in their command_table_entry.flags field(s)
  to signal that a command supports minimal mode.  If the crash session
  has been invoked with --minimal, then the "extend" command will
  require that the module registers at least one command that has
  the MINIMAL bit set.

  * Prevent the "__crc_*" symbols from being added to the the ARM kernel
  symbol list.

  * Prevent the "PRRR" and "NMRR" absolute symbols from being added to
  the ARM kernel symbol list.  Without the patch, it allows an invalid
  set of addresses to pass the check in the in_ksymbol_range() function.

  * Fix for the ppc.c file to handle a gcc-4.7.2 compiler warning when
  building crash with "make warn", or compiler failures when building
  with "make Warn" on a PPC machine.  Without the patch, gcc-4.7.2
  generates the message "error: variable ‘dm’ set but not used
  [-Werror=unused-but-set-variable]".

  * Workaround for the "crash --osrelease dumpfile" option to be able
  to work with malformed ARM compressed kdump headers.  ARM compressed
  kdumps that indicate header version 3 may contain a malformed
  kdump_sub_header structure with offset_vmcoreinfo and size_vmcoreinfo
  fields offset by 4 bytes, and the actual vmcoreinfo data is not
  preceded by its ELF note header and its "VMCOREINFO" string.  This
  workaround finds the vmcoreinfo data and patches the stored header's
  offset_vmcoreinfo and size_vmcoreinfo values.  Without the patch, the
  "--osrelease dumpfile" command line option fails with the message
  "crash: compressed kdump: cannot lseek dump vmcoreinfo", followed by
  "unknown".

  * Fix for the "help -n" option on 32-bit compressed kdumps.  Without
  the patch, the offset_vmcoreinfo, offset_eraseinfo, and offset_note
  fields of the kdump_sub_header have their upper 32-bits clipped off
  when displayed.  However, it should be harmless since the offset
  values point into the first few pages of the dumpfile.

  * Update of the extensions/echo.c extension module example, and the
  "extend" help page, to utilize a constructor function to call the
  register_extension() function.  The _init() and _fini() functions
  have been designated as obsolete for usage by dlopen() and dlclose().
  The echo.c example module has been modified to contain echo_init()
  and echo_fini() functions marked as __attribute__((constructor)) and
  __attribute__((destructor)) respectively.

  * Updated extensions/dminfo.c, extensions/snap.c and extensions/trace.c
  to replace their _init() and _fini() functions with constructor and
  destructor functions.

  * Fix for the "bt" command on the PPC64 architecture when running
  on Linux 3.7 kernel threads.  Without the patch, some kernel threads
  may fail to terminate on the final ".ret_from_kernel_thread" frame,
  repeating that frame endlessly, because the stack linkage pointer
  points back to itself instead of being NULL.

crash (6.1.2-1) UNRELEASED; urgency=low

  * New upstream version 6.1.2

  * Enhancement of the "task" command to display both the task_struct and the
    thread_info structures of a task.  The -R option accepts members of
    either/both structure types.

  * Fix for the X86_64 "search" and "rd" commands due to this commit:
    http://git.kernel.org/linus/027ef6c87853b0a9df53175063028edb4950d476 Upon
    any attempt to read a page within the RAM region reserved for AMD GART on
    a live system, the Linux 3.7rc1 commit above causes causes /dev/mem,
    /proc/kcore and the /dev/crash drivers to spin forever, leading to a
    kernel soft lockup.  The RAM pages reserved for GART consist of 2MB large
    pages whose _PAGE_PRESENT bits are turned off.  Prior to the above commit,
    a read() attempt on GART RAM would cause an unresolvable page fault, and
    would harmlessly return an EFAULT.  The commit above has changed
    pmd_large() function such that it now returns TRUE if only _PAGE_PSE bit
    is set in the PTE, whereas before it required both _PAGE_PSE and
    _PAGE_PRESENT.  So instead of just failing the read() system call with an
    EFAULT, the page fault handling code now considers it a spurious TLB
    fault, and the instruction is retried indefinitely.  The crash utility
    patch stores the GART physical memory range, and disallows any attempts to
    read from it.

  * If an EPPIC_GIT_URL environment variable is defined, then the URL that it
    points to is used as an alternative to the code.google.com git source
    repository for the eppic.so extension module.  However, the alternative
    site is only accessed if code.google.com can first be pinged; this patch
    removes that restriction.

  * Fix for the "files" command PATH display on kernels configured with
    CONFIG_DEVTMPFS, when the vfsmount pointer in an file structure's "f_path"
    member does not point to the root vfsmount required for reconstructing the
    full file pathname.  Without the patch, open files in /dev directory may
    be truncated and not show the "/dev" filename component.

  * Enhancement to the "kmem -v" option on 2.6.28 and later kernels that
    utilize the "vmap_area_list" list of mapped kernel virtual memory regions,
    replacing the usage of the to-be-obsoleted "vmlist" list.  In those
    kernels, the output of the command will also show each vmap_area structure
    address, in addition to its vm_struct address, memory range, and size.

  * Update to the exported do_rbtree() and do_rdtree() functions such that
    they will return the number of items found in the targeted tree, similar
    in nature to the do_list() function.  The two functions have also been
    fixed such that the VERBOSE flag is actually recognized, so that external
    callers are able to gather the entries in a tree without having them
    displayed.  The calls to either function may be enclosed with hq_open()
    and hq_close() so the that tree entries may be subsequently gathered by
    retrieve_list() into a supplied buffer, as well as to recognize a
    corrupted list with duplicate entries.

  * Fix for the "extend -u" option to prevent the usage of a member of a
    free()'d extension_table structure.  No command failure occurs, but rather
    an inadvertent coding error.

  * Fix to allow error() to be called during an open_tmpfile() sequence prior
    to close_tmpfile() being called.  There are no crash functions that call
    error() during an open_tmpfile() sequence, but there's no reason why it
    cannot be done.  Without the patch, the error message gets displayed on
    stdout (as expected), but the error message will also overwrite/corrupt
    the tmpfile() data while it is being parsed.

  * Fix to properly determine whether X86_64 kernels were configured with
    CONFIG_FRAME_POINTER, due to this ftrace-related commit:
    http://git.kernel.org/linus/d57c5d51a30152f3175d2344cb6395f08bf8ee0c
    Without the patch, the crash utility fails to determine whether the kernel
    was built with CONFIG_FRAME_POINTER, and therefore the "bt" command cannot
    take advantage of it for more reliable backtraces.

  * Fix to properly determine whether 2.6.31 and earlier X86_64 kernels were
    configured with CONFIG_FRAME_POINTER.  Without the patch, the crash
    utility may fail to determine whether the kernel was built with
    CONFIG_FRAME_POINTER.  In those kernel versions -- which may be dependent
    upon the compiler version used -- one of the sample functions tested may
    have their "push %rbp, mov %rsp,%rbp" function preamble separated by other
    instruction(s), resulting in a false negative that precludes the "bt"
    command from taking advantage of framepointers.

  * Fix for the file and line-number string that is displayed by the "sym
    <kernel-text>" option.  Without the patch, the "/usr/src/" part of the
    string is stripped, and the filename string itself could have two
    corrupted characters in the pathname, for example, showing
    "k3.nel-3.6.fc17" instead of "kernel-3.6.fc17".  This is dependent upon
    the compiler version, or perhaps the string library that is linked into
    the crash binary, because it only has been seen on crash binaries built
    with gcc-4.7.  The fix now displays the full pathname, no longer dropping
    the "/usr/src" from beginning.

  * Restricted the X86_64 "line_number_hook" to kernels earlier than 2.6.24,
    i.e., kernels prior to the x86/x86_64 merge.  Without the patch, the
    manufactured filename information for assembly-language files was
    incorrect for 2.6.24 and later kernels.  Also, the kernel debuginfo data
    now has file/line-number data for assembly-language files as well,
    obviating the need for the hook.

  * Fix for the extensions/trace.c extension module to prevent a double free
    exception that would occur if a calloc() call fails during module
    initialization.

  * Fix for the "p -u" option if a 32-bit kernel symbol is incorrectly passed
    as an argument.  Without the patch, the command fails, but the next
    command requiring the services of the embedded gdb module will generate an
    error message of the sort "*** glibc detected *** crash: free(): invalid
    pointer: <address> ***", or "*** glibc detected *** crash: munmap_chunk():
    invalid pointer: <address> ***", followed by a backtrace, and an abort of
    the crash session.

  * Fix for the embedded gdb module to correctly handle kernel modules whose
    ELF header contains "__ksymtab" and "__ksymtab_gpl" sections with non-zero
    nonsensical "Address" values.

  * Without the patch, if one of the odd sections above is encountered, the
    "Offset" values of the remaining sections are not processed; and if the
    module's .data section is ignored, gdb incorrectly calculates the address
    of all symbols in the module's .data section, leading to incorrect output
    if, for example, data is printed with the gdb "p" command.  This invalid
    ELF section format was introduced in Linux 3.0 by the kernel's
    "scripts/module-common.lds" file.

  * Fix for the "runq -g" option if the kernel contains more than 200 task
    groups.  Without the patch, the command generates a segmentation
    violation.

crash (6.1.1-1) UNRELEASED; urgency=low

  * New upstream version 6.1.1

  * Fixes for the ARM "vtop" command display of kernel unity-mapped virtual
    addresses.  Without the patch, the PGD, PMD values may be incorrect, and
    the PAGE value is always incorrectly calculated.

  * Fix for Linux 2.6.34 and later kernels that are configured with
    CONFIG_SLUB, but not configured with CONFIG_IKCONFIG, to be able to
    determine the kernel's CONFIG_NR_CPUS value.  Without the patch, if the
    actual number of cpus is larger than the crash utility's per-architecture
    NR_CPUS maximum value, then the cpus beyond the NR_CPUS limit would not be
    accounted for.

  * Increment the X86_64 NR_CPUS maximum value from 4096 to 5120.

  * Try to determine whether the kernel is running as a virtual machine by
    using any available kernel-specific data or by dumpfile type.  The results
    of the hypervisor type search will be stored in the internal kernel_table
    data structure, and if a hypervisor type can be determined, its name will
    be displayed by the "mach" command.  The result of the hypervisor
    determination, successful or otherwise, may be viewed during session
    initialization if the -d<number> command line option is invoked, or during
    runtime via the "help -k" option.  Only applicable to the X86, X86_64 and
    IA64 architectures.

  * Allow the "ps command" and "foreach name" command options to contain more
    than the kernel's maximum of 15 characters that are stored in each task's
    task_struct.comm[] array.  Without the patch, the two string arguments
    were required to be the possibly-truncated command name string in order to
    match.

  * Enhancement to the "ps" command to allow any of the "command" arguments to
    be POSIX extended regular expressions.  The expression string must be
    encompassed by "'" characters, and will be matched against the names of
    all tasks.

  * Add support for 2GB pages in the S390X virtual-to-physical address
    translation function.  Required for the new IBM zEC12 Mainframe.

  * Initial preparation for support of the ARM64 architecture.

  * Fix for the "log" command if a kernel message contains either a '\n' or a
    '\t'.  Without the patch, the two characters are replaced with a '.', and
    the message continues.  With the patch applied, the characters are
    printed, and if it is a '\n', spaces are inserted after the linefeed so
    that the subsequent characters in the message line up appropriately under
    the preceding line.

  * Fix for the "kmem -[sS]" options on kernels that configured with both
    CONFIG_SLUB and CONFIG_NODES_SHIFT, and that are running on hardware that
    generates NUMA node ids that are not numbered consecutively.  Without the
    patch, both command options fail with the error message "kmem: invalid
    kernel virtual address: 8  type: kmem_cache_node nr_partial".

  * Fix for the "trace.so" extension module's "trace show" command.  Without
    the patch, the output showing each trace point is shown with two
    hexadecimal virtual addresses instead of displaying them symbolically
    using the format "<function> <-- <function>".

  * Fixes for handling incomplete/invalid ELF or compressed kdump vmcores
    whose per-cpu NT_PRSTATUS notes are missing.  For example, this has been
    seen to happen when kexec/kdump incorrectly recognizes a Xen DomU kernel
    as a Xen Dom0 kernel.  Without the patch, possible ramifications would be
    a NULL pointer dereference during session intialization when searching for
    the panic task, or during the "bt" command on an active task.

  * Implemented a new "runq -g" option that displays CFS runqueue tasks
    hierarchically by task_group.  Tasks in throttled groups are also
    displayed.  The "runq" command with no option will no longer display
    task_group data for the RT queue.

  * Patchset for Xen support up to version 4.2:

  * Fix for the S390X virtual-to-physical address translation to allow the HW
    Change-bit override bit (0x100) to be used in page table entries.

  * Fix for a rarely-seen circumstance in which a kdump ELF vmcore of a Xen
    dom0 kernel gets incorrectly identified as a old-style netdump ELF vmcore.
    This has only been seen after the original kdump ELF vmcore was
    transformed via "makedumpfile -d1".  Without the patch, the crash session
    fails during initialization with the messages "crash: invalid size
    request: 0  type: xen kdump p2m mfn page", followed by "crash: cannot read
    xen kdump p2m mfn page".  If run against the Xen hypervisor, the session
    fails during initialization with the error message "crash: read error:
    kernel virtual address: <address>  type: crashing_cpu".

crash (6.1.0-1ubuntu2) raring; urgency=low

  * Make crash depend on binutils. (LP: #251288)
    Crash uses the program strings to match vmlinux and cores.

crash (6.1.0-1ubuntu1) raring; urgency=low

  * Merge from Debian unstable (LP: #1064475). Remaining changes:
    - debian/patches/01_spu_commands.patch
      + Provides SPU extension support
      + Enable SPU extension only on PPC (using .mk logic)
    - debian/rules:
      + Always build extensions and package them.
      + Cleanup for extensions

crash (6.1.0-1) unstable; urgency=low

  * Fix for 32-bit SADUMP dumpfiles to correctly check whether a requested
    physical address is within the 0-640K backup region.  Without the patch,
    requested physical addresses that are larger than 32-bits are truncated to
    32-bit values, leading to unexpected results.

  * Added support for the ELF dumpfile type that is generated by the new
    "virsh dump --memory-only" option.  The "--memory-only" option uses a new
    "dump-guest-memory" QEMU monitor command that creates an ELF kdump vmcore
    clone.  The "virsh dump" command continues to borrow the "migrate" QEMU
    monitor command to create a file that is designed for guest migration, and
    not well-suited for a vmcore because it is not designed for random-access
    of physical memory.  A new "help -r" option has been added to dump the
    registers that are stored in per-cpu "QEMU" ELF notes; those notes are
    used to distinguish this dumpfile type from regular kdump ELF vmcores.
    The patch also combines common functionality between the new format and
    the SADUMP format.

  * Fix for the "runq" command for kernels that have the CFS scheduler.
    Without the patch, a cpu's RT runqueue may incorrectly display "[no tasks
    queued]" when in fact there are tasks on its queue.

  * In the highly-unlikely event that a pre-Linux 3.5 kernel's log buffer
    cannot be read during initialization, display a message indicating
    "WARNING: cannot read log_buf contents", and just continue.  Without the
    patch, a "readmem" error would be displayed and the crash session would be
    killed.

  * Updated the "net -a" option to support Linux 2.6.9 to 3.6.0.  Without the
    patch, the option displayed "net: -a option not supported or applicable on
    this architecture or kernel".

  * Enhanced the "net -a" option to show the struct neighbour address
    associated with each line of output.

  * Fix for the "runq" command for kernels that are configured with
    CONFIG_RT_GROUP_SCHED.  Without the patch, tasks contained within an RT
    group scheduling entity are not displayed.

  * Fix for "crash --version" or "crash -v" to prevent the sourcing of a
    .gdbinit file that is located in the current directory.

  * Preemptive fix to handle this patch to the x86 devmem_is_allowed()
    function that was posted on the Linux Kernel Mailing List here:
    https://lkml.org/lkml/2012/8/28/357 If the proposed kernel patch put into
    place, a failed attempt to use /dev/mem when the kernel is configured with
    CONFIG_STRICT_DEVMEM will not result in an automatic attempt to use
    /proc/kcore.  With this crash utility patch, the automatic switch to
    /proc/kcore will be attempted regardless whether the kernel patch is
    accepted or not.

  * Patch for CVE-2012-3509: libiberty: objalloc_alloc integer overflows

  * Fix for Linux 3.0 and later kernels that have been configured with
    CONFIG_SLAB, and without CONFIG_NODES_SHIFT (or have set it to 0).
    Without the patch, the warning messages "crash: nr_node_ids: symbol does
    not exist" and "crash: unable to initialize kmem slab cache subsystem" are
    displayed during initialization, and the "kmem -[sS]" options fail with
    the message "kmem: kmem cache slab subsystem not available".

  * Allow the build procedure to use an alternate compiler by passing "make
    CC=<compiler>" to the top-level Makefile.

  * Allow the user to append options to the "configure" script that is invoked
    by the initial embedded gdb build procedure.  The additional options
    should be put in a file named "GDBFLAGS.extra" located in the top-level
    directory.

  * Change for the "ps" command if a task is stopped due to the task being
    traced by another task.  Without the patch, the traced task is shown with
    the "ST" (stopped) status; with the patch it will be shown with a "TR"
    ncement of the "task" command to display both the task_struct and the
    thread_info structures of a task.  The -R option accepts members of
    either/both structure types.
  * The "TR" state has been added to the "foreach" command's list of task
    state qualifiers.  Without the patch, there is no way to filter out tasks
    that are stopped due to being traced by another task.

  * Fix for passing a a "gdb" command to a crash session via a pipe if there
    are any spaces preceding the "gdb" command name in the string.  Without
    the patch, the command will fail with the error message "gdb: gdb request
    failed: <truncated input-string>".

  * Preparation for the future S390/S390X structure name change from
    "_lowcore" to "lowcore".  The patch checks which structure is defined and
    uses the correct name.

  * Replaced datatype_info() calls in do_radix_tree() and do_rdtree() with
    preferred MEMBER_SIZE() macro.

crash (6.0.9-1) UNRELEASED; urgency=low

  * Fix for building on host machines that have glibc-2.15.90 installed, in
    which case the glibc header file /usr/include/bits/siginfo.h no longer
    declares a "struct siginfo", but only the "siginfo_t" typedef.  Without
    the patch, the build of the embedded gdb module fails with the error
    message "linux-nat.h:63:18: error: field 'siginfo' has incomplete type".

  * Add support for reading compressed kdump dumpfiles that were compressed by
    the snappy compressor.  This feature is disabled by default.  To enable
    this feature, build the crash utility in the following manner: (1) Install
    the snappy libraries by using the host system's package manager or by
    directly downloading libraries from author's website.  The packages
    required are: - snappy - snappy-devel The author's website is:
    http://code.google.com/p/snappy (2) Create a CFLAGS.extra file and an
    LDFLAGS.extra file in top-level crash sources directory: - enter -DSNAPPY
    in the CFLAGS.extra file - enter -lsnappy in the LDFLAGS.extra file.  (3)
    Build crash with "make" as always.

  * Prevent the "ptov" command from returning an invalid virtual address on
    32-bit architectures.  Without the patch, the command may result in an
    invalid virtual address if the physical address entered cannot be accessed
    by a unity-mapped kernel virtual address.  The patch verifies that the
    calculated virtual address can be translated back into the supplied
    physical address.

  * Fix to automatically try /proc/kcore as an alternative live memory source
    when the /dev/crash driver does not exist and /dev/mem is unusable because
    the kernel was configured with CONFIG_STRICT_DEVMEM.  Without the patch,
    the automatic switch from /dev/mem to /proc/kcore is only attempted on the
    X86 and X86_64 architectures.

  * Added missing linefeeds to several error messages in makedumpfile.c.

  * Fix for a regression introduced by a crash-5.1.1 patch that reworked the
    handling of "set" commands that are put in .crashrc files, such that only
    certain command options would get resolved before the crash session is
    initialized.  Without this patch, the "--less", "--more", "--no_scroll"
    and "--CRASHPAGER" crash command line options do not properly override
    conflicting "set scroll <option>" entries that are put in a .crashrc file.

  * Added new "--hex" and "--dec" crash command line options, which will set
    the command output format to hexadecimal or decimal.  These two command
    line options will override any "set radix [10|16]" settings in a .crashrc
    file; since decimal is the default, the "--dec" option would only be
    necessary to override a "set radix 16" setting in a .crashrc file.

  * Fix for the "runq" and "timer" commands when running against 2.6.34 and
    later kernels that are not configured with CONFIG_SMP.  Without the patch,
    the "runq" command fails with the error message "runq: per-cpu runqueues
    does not exist", and the "timer" command fails with the error message
    "timer: zero-size memory allocation! (called from <address>)".

  * If code.google.com is not available from the host build machine, then
    "make extensions" will be delayed by a 10 minute timeout of the "git
    clone" command that downloads the EPPIC library and extension module
    source tree.  The patch pings code.google.com first in order to determine
    its availability before attempting the download.

  * For kernel versions 3.5 and later, in which the kernel log buffer has been
    converted from a byte-buffer to a variable-length record buffer, the "log
    -m" option will display the level in hexadecimal, and depending upon the
    kernel version, the value also contains either the facility or flags bits.

  * Fix for accessing the per-cpu registers from ARM vmcores generated by
    recent kernels in which the per-cpu data region has been moved into mapped
    kernel virtual address space.  Without the patch, an incorrect physical
    address is calculated, resulting in bogus register contents.

  * Check that an s390x dumpfile is a "live dump" earlier during session
    initialization so that the internal LIVE_DUMP flag will get set when
    "crash --minimal" is invoked.

  * Removed the usage of C++ keywords in structure and structure member names
    declared in "defs.h" so that extension modules written in C++ will compile
    successfully.  Accordingly, the "struct namespace" is renamed to "struct
    symbol_namespace", the struct symbol_table_data's "namespace" member is
    renamed to "kernel_namespace", and the struct gnu_request's "typename"
    member is renamed to "type_name".

  * Fix for the date displayed by the initial system banner and by the "sys"
    command for Linux version 3.6 and later.  Without the patch, the date
    displayed will be that of the UNIX epoch, i.e., midnight, Jan 1, 1970 UTC,
    adjusted to local time.

  * When the eppic.so extension module is built by "make extensions", the
    EPPIC source tree is downloaded from its upstream source repository at
    https://code.google.com/p/eppic.  However, if an EPPIC_GIT_URL environment
    variable is defined, then the URL that it points to will be used as an
    alternative git source repository.

  * Fix for a segmentation violation generated by the "struct" command when
    printing a structure member using the "struct_name.member" argument
    format, where the member is a "char *" that points to a string that
    contains a "%" character.

  * Patchset to support the most recent Xen hypervisor and Xen pvops kernels:
    (1) Always calculate max_cpus value (2) Read only crash notes for onlined
    CPUs (3) Read variables from dynamically allocated per_cpu data (4) Get
    idle data from alternative source (5) Read data correctly from dynamically
    allocated console ring (6) Add support for 3 level P2M tree

  * Fix for building a 32-bit eppic.so extension module after having built
    crash with "make target=ARM" or "make target=X86" on an x86_64 host.
    Without the patch, the eppic.so extension module would be built as a
    64-bit binary.

  * For the ARM architecture, fix the determination of the kernel modules base
    address when modules are not installed, and update the "mach" command to
    display the "KERNEL MODULES BASE" address.

  * Fix for the "kmem -[sS]" commands for Linux version 3.6 and later kernels
    configured with CONFIG_SLUB.  Without the patch, the commands fail with
    the error message "kmem: invalid structure member offset:
    kmem_cache_objsize".

  * Fix for an invocation failure when running against Linux version 3.6 and
    later kernels that are configured with CONFIG_SLAB.  Without the patch,
    the crash session fails during initialization with the error message
    "crash: invalid structure member offset: kmem_cache_s_next".

  * Fix for the "kmem -[sS]" commands on kernels that are configured with
    CONFIG_SLUB to prevent a silent hang if a per-node slab cache partial list
    recurses back onto itself.  Without the patch, it was necessary to kill
    the command; with the patch an error message is displayed and the command
    continues on to the next kmem slab cache.

  * Fix for the "kmem -[sS]" and "kmem -s list" options on dumpfiles from
    kernels that are configured with CONFIG_SLUB which have been filtered by
    the makedumpfile facility.  Without the patch, it is possible that those
    commands may generate the error message "kmem: page excluded: kernel
    virtual address: <address>  type: kmem_cache buffer", and would require
    either the "--zero_excluded" command line option or having to execute "set
    zero_excluded on" during runtime in order to complete successfully.

crash (6.0.8-1) UNRELEASED; urgency=low

  * Introduction of a new "tree" command that can be used to dump the the
    addresses of all data structure entries in a red-black tree or a radix
    tree.  Similar in nature to the "list" command, each data structure in a
    tree can be dumped in total, or one or more members in each strucure may
    be dumped.

  * If a compressed kdump header contains an invalid "nr_cpus" value, allow
    the crash session to continue after printing a warning message.  Without
    the patch, on non-S390/S390X systems, an invalid nr_cpus value generates a
    message such as "crash: compressed kdump: invalid nr_cpus value: 0", and
    the session subsequently fails with the message "crash: vmcore: not a
    supported file format".  However, compressed kdumps have been seen that
    have an nr_cpus value of 0, but the session can still run normally.  The
    patch changes the message to "WARNING: compressed kdump: invalid nr_cpus
    value: 0", and the session is allowed to continue.

  * Clarify the "help -n" output for compressed kdumps to show the offsets and
    sizes of the vmcoreinfo, notes, and eraseinfo sections  in both
    hexadecimal and decimal, and to cleanly handle compressed kdumps that have
    no NR_PRSTATUS notes in the notes section.

  * Fix for the X86 "bt" command for a possible situation where the crashing
    cpu's back trace starts at the "sysrq_handle_crash" stack frame instead of
    farther down the stack below the exception at the "crash_kexec" stack
    frame.

  * Fix for the "runq" command for kernels that have the CFS scheduler.
    Without the patch, tasks queued on a priority array of a cpu's RT runqueue
    may not be displayed.

  * Fix for analyzing dumpfiles from kernel version 3.5 and later, in which
    the kernel log buffer has been converted from a byte-buffer to a
    variable-length record buffer.  Without the patch, the crash session fails
    during initialization with the error message "crash: cannot determine
    length of symbol: log_end".  If the session is run on a live system, or if
    the session is invoked with the "-s" command line option, the session is
    not killed, but in those cases the "sys" and "log" commands will fail with
    the same error message.

  * For kernel versions 3.5 and later, in which the kernel log buffer has been
    converted from a byte-buffer to a variable-length record buffer, two new
    options have been added.  The "log -t" option will display log messages
    without the timestamp prepended.  The "log -d" option will display the
    dictionary of key/value pair properties that the kernel's dev_printk()
    function optionally appends to a message.

  * The SIAL extension module has been replaced by the "eppic" facility, which
    stands for "Embeddable Pre-Processor and Interpreter for C".  The eppic
    git tree is located at http://code.google.com/p/eppic.  When "make
    extensions" is done, the eppic source code will be downloaded
    automatically via "git clone", and then the "eppic.so" extension module
    will be built.  The "eppic.so" extension module offers the same command
    set as the older "sial.so" module; the SIAL extension module source files
    have been completely removed.  If desired, the eppic sources can be
    updated by executing "git pull" from the "extensions/eppic" subdirectory.

  * Added a new "list -h" option.  When used with -h, the "start", address
    must be the address of a data structure that contains an embedded
    list_head structure.  Updated the "list" help page to more clearly
    differentiate the difference between using a "start" address alone, "-H
    start", or "-h start", and added a WARNING section to address the problem
    of "-h start" passing through an external LIST_HEAD(), or passing though
    the actual starting point of the list that is contained within a different
    type of data structure from all the entries in the list.

  * Implemented a new "scope" crash environment variable that can alter the
    text scope for viewing the definition of data structures.  It is useful in
    cases where the kernel defines more than one instance of of a data
    structure with the same name, and the "wrong" one is selected by default.
    The variable takes a kernel or module text symbol name or address, or an
    expression evaluating to the same.  If the variable is a module text
    address, then the command will attempt to load the module into the crash
    session if it is not already loaded; if that fails, then the setting of
    the variable will fail.

  * Update to the extensions/trace.c extension modue to handle a kernel
    version 3.4 patch that added a new "ring_buffer_per_cpu.nr_pages" member,
    making the trace buffer size per-cpu.

  * Fix to recognize a kernel version 3.5 patch that changed the "qstr.len"
    member from an unsigned integer into a member of an anonymous structure
    within an anonymous union.  Without the patch, the following commands
    fail, displaying the following error messages: mount: "mount: invalid
    structure member offset: qstr_len" files: "files: invalid structure member
    offset: qstr_len" vm: "vm: invalid structure member offset: qstr_len"
    swap: "swap: invalid structure member offset: qstr_len fuser: "files:
    invalid structure member offset: qstr_len"

  * The "fuser" command generates the above error because it uses the "files"
    command behind the scenes.

  * Fix for the function that gathers a cpu's register set from an NT_PRSTATUS
    note of an x86 or x86_64 compressed kdump header if one or more cpus were
    offline when the system crashed.  In that case, if the requested cpu
    number is equal or greater than the number of online cpus, the function
    will fail.  When that happens, that cpu's back trace will not have those
    registers as a fall-back option if the starting point cannot be determined
    otherwise.

  * Added "ipcs" and "tree" command references to the crash.8 man page.

  * Redefined the usage of the "struct -o" flag when used in conjunction with
    a symbol or address argument.  Without this patch, the behavior has been
    to print the warning message "struct: -o option not valid with an address
    argument", ignore the "-o", and to just display the structure at that
    address.  With this patch, each structure member will be proceded by its
    virtual address.

  * Added new "bt -s [-xd]" options that will display symbol names plus their
    offset in each frame.  The default behavior is unchanged, where only the
    symbol name is displayed.  The symbol offset will be expressed in the
    default output format, which can be overridden with the -x or -d options.

  * Fix for 32-bit PPC to handle a situation where one or more NT_PRSTATUS
    note(s) were not captured in the kdump header due to cpu(s) not responding
    to an IPI.  Without the patch, the "bt" command may result in a
    segmentation violation.

  * Fix for building the PPC64 architecture in ppc64 environments where where
    applications are built 32-bit by default when -m32 or -m64 are not
    specified.  This was a regression introduced in the crash-6.0.3 patch that
    introduced the "make target=PPC" feature that can be performed on ppc64
    hosts.  Without the patch, a "make" command would build a 32-bit PPC crash
    utility on such ppc64 hosts.

  * Fix for the 32-bit PPC "irq" command.  Without the patch, depending upon
    the kernel version, the command would fail with the message "irq: cannot
    determine number of IRQs", or "irq: invalid structure size: irqdesc".

  * Fix for the 32-bit PPC "pte" command to properly translate the PTE bit
    settings based upon the correct Book3E specifications.

crash (6.0.7-1) UNRELEASED; urgency=low

  * Enhanced the "search" command to allow the searched-for value to be
    entered as a crash (expression) or a kernel symbol name.  The resultant
    value of an (expression) or kernel symbol value must fit into in the
    designated value size if -w or -h are used, and neither variant may be
    used with the -c option.  If found, both the resultant value and the
    argument input string will be displayed next to the target address(es).

  * Added a new "search -t" option that will restrict the search to the kernel
    stack pages of all tasks.  If one or more matches are found in a task's
    kernel stack, the output is preceded with a task-identifying header.

  * Fix for the s390x "bt -[tT]" options when run on an active task on a live
    system.  Without the patch, the options fail with the message "bt:
    invalid/stale stack pointer for this task: 0".

  * Fix for s390x "vm -p" option, which may show invalid user to physical
    address translation data if a page is not mapped.  Without the patch, a
    page's translation may indicate "<address>   SWAP: (unknown swap location)
    OFFSET: 0", or show an incorrect swap offset on an actual swap device.

  * Added new "vm -[xd]" options to be used in conjunction with "vm -[mv]",
    which override the current default output format with hexadecimal or
    decimal format for just the command instance.  Without the patch, it would
    require changing the default output format with "hex" or "dec" prior to
    executing "vm -[mv]".  The new flags may also be used with "foreach vm
    -[mv]".

  * Fix for the s390x "vm -p" and "vtop -u <user-address>" commands if the
    page containing the relevant PTE is not mapped.  Without the patch, the
    commands fail with the error message "vm: read error: kernel virtual
    address: 0  type: entry" or "vtop: read error: kernel virtual address: 0
    type: entry"

  * Fix for the s390x "vm -p" command and "vtop -u <user-address>" commands to
    properly translate pages that are swapped out into their swap file and
    offset.  Without the patch, the swap file and offset would not be
    displayed.

  * Added new "list -[xd]" options to be used in conjunction with "list -s",
    which override the current default output format with hexadecimal or
    decimal format for just the command instance.  Without the patch, it would
    require changing the default output format with "hex" or "dec" prior to
    executing "list -s".

  * Added new "net -[xd]" options to be used in conjunction with "net -S",
    which override the current default output format with hexadecimal or
    decimal format for just the command instance.  Without the patch, it would
    require changing the default output format with "hex" or "dec" prior to
    executing "net -S".  The new flags may also be used with "foreach net -S".

  * Added new "mach -[xd]" options to be used in conjunction with "mach -c",
    which override the current default output format with hexadecimal or
    decimal format for just the command instance.  Without the patch, it would
    require changing the default output format with "hex" or "dec" prior to
    executing "mach -c".

  * If the value read from the cpu online, present, or possible masks contains
    a cpu bit value that is outside the architecture's maximum NR_CPUS value,
    print a warning message during invocation.  Without the patch, a corrupt
    vmcore containing a bogus mask value could quietly corrupt heap memory.

  * Add support to for reading dumpfiles compressed by LZO using makedumpfile
    version 1.4.4 or later.  This feature is disabled by default.  To enable
    this feature, build the crash utility in the following manner: (1) Install
    the LZO libraries by using the host system's package manager or by
    directly downloading libraries from author's website.  The packages
    required are: - lzo - lzo-minilzo - lzo-devel The author's website is:
    http://www.oberhumer.com/opensource/lzo (2) Create a CFLAGS.extra file and
    an LDFLAGS.extra file in top-level crash sources directory: - enter -DLZO
    in the CFLAGS.extra file - enter -llzo2 in the LDFLAGS.extra file.  (3)
    Build crash with "make" as always.

  * Fix for the included "trace" extension module.  Without the patch, if the
    module initialization sequence fails, a double-free in the module may lead
    to a subsequent malloc() segmentation violation in the crash session.

  * Incorporated the "ipcs" extension module written by Qiao Nuohan as a
    built-in command.  The command displays the kernel's usage of the System V
    shared memory, semaphore and message queue IPC facilities.  It differs
    from the original extension module by fixing a failure scenario if the
    current task is exiting, and adds a "-n pid|task" option, which displays
    the IPCS facilities with respect to the namespace of a given pid or task.

  * Fix for a gdb-7.3.1 regression that causes the line number capability to
    fail with certain ranges of x86 base kernel text addresses.  Without the
    patch, the "dis -l <symbol>" or "sym <symbol>" commands would fail to show
    line number information for certain ranges of base kernel text addresses.

  * Added a new "printm" command to the embedded gdb module.  It is currently
    only used by the "pstruct" extension module, but can be used to dump the
    type, size, offset, bitpos and bitsize values of an expression.

  * Added a new "runq -t" option that displays the timestamp information of
    each cpu's runqueue, which consists of either the rq.clock, the
    rq.most_recent_timestamp or rq.timestamp_last_tick value, whichever
    applies.  Following each cpu timestamp is the last_run or timestamp value
    of the active task on that cpu, whichever applies, along with the task
    identification.

  * Fix for an initialization-time warning when running on a live system with
    the most recent version of the modprobe command, which no longer supports
    the -l and --type options.  The modprobe is used to detect whether the
    crash.ko memory driver is part of the distribution.  Without the patch, a
    warning message is issued that indicates "/sbin/modprobe: invalid option
    -- 'l'".  If the driver is built into the kernel, the message is harmless.
    If the driver is not built into kernel, then the crash.ko (/dev/crash)
    driver would not be selected as the live memory source.

crash (6.0.6-1) unstable; urgency=low

  * New upstream version 6.0.6
  * Extend the supported cross-architecture build capability so that it
    applies to the SIAL extension module.  Without the patch, when building
    the SIAL module in an environment where the overlying crash utility was
    built with "make target=ARM", "make target=PPC", or "make target=X86", the
    SIAL extension module would continue to be built for the host
    architecture.
  * Fixes for memory leaks and possible segmentation violations when unloading
    SIAL extension module scripts.
  * Fix for the new "foreach RU" task state qualifier.  Without the patch, the
    runnable tasks are not selected.
  * Fix to disallow multiple task states from being entered using the "foreach
    <task-state>" qualifier.  Without the patch, if multiple states were
    entered, the last one on the command line would be honored.
  * Fix for the "extend" command to allow the usage of 32-bit PPC extension
    modules.  Without the patch, the command fails with the message: "extend:
    <object>.so: not an ELF format object file".
  * If an input line starts with "#" or "//", then the line will be saved as a
    comment that is visible when re-cycling through the command history list.
  * Fix for a crash-5.1.9 regression that broke the "bt -g" option.  Without
    the patch, the option is ignored completely.
  * Fix for s390x virtual-to-physical translation of virtual addresses that
    are backed by 1MB pages.
  * The s390x has a dumpfile method that creates "live dumps", where the
    kernel continues to run while the dumpfile is being created.  The initial
    system banner display and the "sys" command will inform the user that the
    dumpfile is a "[LIVE DUMP]", and the "bt -a" option will fail with the
    message "bt: -a option not supported on a live system or live dump".
  * Newly-created dumpfiles generated by the "snap.c" extension module will
    now be recognized as "live dumps".  Accordingly, the initial system banner
    display and the "sys" command will inform the user that the dumpfile is a
    "[LIVE DUMP]", and the "bt -a" option will fail with the message "bt: -a
    option not supported on a live system or live dump".
  * If "bt" alone is attempted on an active task in a "live dump", it will
    indicate "(active)", i.e., the same as if it were attempted on a live
    system.
  * If an extension module does not define the appropriate architecture, i.e.,
    "-DX86", "-DX86_64", etc., then the inclusion of "defs.h" will generate a
    compiler failure indicating "error: 'NR_CPUS' undeclared here (not in a
    function)".  In that case, the architecture will now default to that of
    the host machine.
  * Prevent a highly-unlikely incorrect calculation of the maximum cpudata
    array length of a kmem_cache during initialization of of CONFIG_SLAB
    kernels.
  * Prevent an infinite loop during the initialization of the kmem_cache
    subsystem in CONFIG_SLAB kernels if the cache list or the vmcore is
    corrupt.  If the kmem_cache list links back into itself, messages showing
    the first "duplicate" entry in the list and "crash: unable to initialize
    kmem slab cache subsystem" will be displayed.
  * Update to the "mod" command to additionally search for module object files
    in the directory containing the kernel namelist (vmlinux) file.  This will
    allow an alternate module-debuginfo directory tree to be set up like so: #
    cd <directory> # rpm2cpio kernel-debuginfo-<release>.rpm | cpio -idv
    Having done that, and by referencing the vmlinux file in that directory
    tree directly or by symbolic link, the "mod" command will search for
    module object files starting from the directory containing the vmlinux
    file if they are not found in the standard /lib/modules/<release>
    directory.
  * Update to the s390x "bt" command if a task was running in userspace.
    Without the patch, the back trace display ended at the kernel entry
    function frame; with the patch, the user space PSW register is displayed
    with a "(user space)" tag, followed by the general purpose register set.
  * In the unlikely event that the access of ARM or x86_64 kernel unwind table
    data fails during crash invocation, print a warning message and allow the
    crash session to continue.  Without the patch, the crash session would
    fail immediately.

crash (6.0.5-1) unstable; urgency=low

  * New upstream version 6.0.5
  * Enhancement to the "foreach" command to allow any of the "name" arguments
    to be POSIX extended regular expressions.  The expression string must be
    encompassed by "'" characters, and will be matched against the names of
    all tasks.
  * Fix for the embedded gdb module's "ptype" command, and by extension, the
    crash utility's "struct" command, to be able to fully display embedded
    structure or union members of a structure/union.  Without the patch, if a
    structure or union is a member of a structure or union that is a member of
    a structure or union, then it is displayed as "struct {...}" or "union
    {...}".
  * Extend the "ps -l" output to also display the task state next to its
    last_run/timestamp value.
  * Enhancement to the "foreach" command which adds a new "state"
    task-indentifier argument that filters tasks by their task state.  The
    state argument may be any of the task states displayed by the "ps"
    command: RU, IN, UN, ST, ZO, SW or DE.
  * Implemented a new pc->cmd_cleanup function pointer and an optional
    pc->cmd_cleanup_arg argument that will allow any command to register a
    function and an optional argument that will be called after a command has
    completed successfully, or more likely, unsuccessfully.  Normally the only
    cleanup required for a command is the freeing of buffers that were
    allocated with GETBUF(), but that is performed automatically after each
    command is run.  However, with the introduction of the new POSIX regular
    expression functionality of the "foreach" command, there needed to be a
    way to call regfree() in the case where where regcomp() was called
    successfully, but then the command later encountered one of several fatal
    error conditions.  This facility is also available for use by extension
    module commands.
  * Enforce the usage of a kernel thread's pgd from its active_mm for the ARM
    "vtop -c" command; if its active_mm is NULL, make the command fail
    similarly to the other architectures, displaying the error message "vtop:
    no active_mm for this kernel thread".
  * Fix for the x86_64 "bt" command running against recent kernels if an
    active task was operating on its IRQ stack when the crash occurred.
    Without the patch, the determination of the IRQ exception frame was
    off-by-8, displaying invalid register data and the error message "bt:
    WARNING: possibly bogus exception frame".
  * Update to handle the vfsmount structure change in 3.3 kernels, in which
    most members of the vfsmount structure have been moved into a new "struct
    mount", and the vfsmount structure has been embedded in the new mount
    structure.
  * Fix for the "ps" command to prevent the display of "??" under the ST (task
    state) column.  Without the patch, in more recent kernels, if more than
    one bit were set in the task_struct.state field, the state would display
    "??".  With the fix, the primary state will always be displayed.
  * Update to the output of the "set" command when it displays a task's state.
    Without the patch, if more than one bit was set in the task_struct.state
    field, "STATE: (unknown)" would be displayed.  With the fix, all bits in
    both the task_struct.state and task_struct.exit_state fields are
    translated.
  * Implemented a new "vm -P <vma-address>" option, which is similar to "vm
    - p", but only does the page translations of the specified VM area of a
    context.
  * Add support for the Freescale PowerPC e500mc version of the E500 processor
    chipset, and rework the PPC platform-specific code in order to more easily
    support new processors.
  * Implemented a new "gdb" crash environment variable that can be used to
    alter a crash session's behavior such that all commands are passed
    directly to the embedded gdb module.  The new mode is turned on and off by
    entering "set gdb on" and "set gdb off".  When running in this mode, the
    command prompt will be "gdb>".  In order to execute native crash commands
    while running in this mode, precede the command with the "crash"
    directive, for example, "crash ps".
  * Fix for a "*** stack smashing detected ***: crash terminated" failure
    during the initial system banner display on a 32-bit PPC platform.
  * Redesigned/simplified the internal read_string() function to prevent a
    potential segmentation violation.
  * Updates for the 32-bit PPC "vtop" command output: (1) Translate kernel
    virtual addresses for FSL BOOKE by using the TLBCAM setting (2) Remove the
    PMD line from the display (3) Fix the displayed PHYSICAL values of FSL
    BOOKE PTE format
  * Fix for crash invocation failure on 3.3-era kernels in which the the
    former standalone "xtime" timespec structure has been moved into the
    "timekeeper" structure.  Without the patch, the crash session would fail
    early on with the message "crash: cannot resolve: xtime".  The patch also
    prevents the crash session failure in the unlikely event that the timespec
    access fails.

crash (6.0.4-1) unstable; urgency=low

  * New upstream version 6.0.4
  * Fix to allow the recently-added "mod -g" and "mod -r" options to be used
    together.  Without the patch, if both options were used, the command would
    fail with a "mod: invalid option" error complaining about one or the other
    option letter.
  * Additional update for 3.1.x and later kernels configured with CONFIG_SLAB,
    which have replaced the kmem_cache.nodelists[] array with a pointer to an
    outside array.  Without the patch, depending upon a system's cpu
    configuration and actual cpu count, the crash session may display "crash:
    unable to initialize kmem slab cache subsystem" during invocation, or if
    it does succeed, "kmem -s" may generate a segmentation violation.
  * Document the "crash [-h|--help] all" option in the crash.8 man page and in
    the "crash [-h|--help]" output.
  * Fix the S390/S390X-specific "s390dbf" command's "hex_ascii" debug data
    printing routine to prevent the display of non-ASCII characters.
  * Fix for ARM stack unwinding on 3.2 and later kernels due to commit:
    http://git.kernel.org/linus/de66a979012dbc66b1ec0125795a3f79ee667b8a
  * Implemented a new "search -x <count>" option that displays the memory
    contents before and after any found search target.  The before and after
    memory context will consist of "count" memory items of the same size as
    the searched-for value.  This option is not applicable with the -c option.
  * Fix for the x86_64 Xen hypervisor "bt" command.  Without the patch, the
    contents of the RDX register in exception frames incorrectly shows the
    contents of the RCX register.
  * Implementation of a platform-based vmalloc address translation scheme for
    the 32-bit PPC architecture, introducing support for the PPC44X platform
    while maintaining the current default platform.  Related to that, the PTE
    translation function used by "vtop" properly handles platforms that use
    64-bit PTEs, and the "mach" command displays the kernel's
    "powerpc_base_platform" name string.
  * Fix for the usage of native gdb commands where the command output is
    redirected to a pipe and then redirected to a file.
  * Fix to prevent a crash session that is run over a network connection that
    is killed/removed from going into 100% cpu-time loop.  The fix that went
    into crash-5.0.2 to handle the change in behavior of the built-in
    readline() library call does not suffice in cases where readline() never
    gets a chance to be called.  Accordingly, the crash session is now
    initialized with a PR_SET_PDEATHSIG prctl setting, which will cleanly kill
    itself upon its parent's death.
  * Fix for the support of PPC64 compressed kdumps, a regression that was
    introduced in crash-6.0.3 when support for 32-bit PPC compressed kdumps
    was implemented.  Without the patch, the crash session fails to
    initialize.
  * Fix for the x86_64 "bt" command to prevent the possible skipping of the
    stack frame just above an exception frame that indicates "[exception RIP:
    unknown or invalid address]".  This highly-unlikely event could occur if
    the kernel jumps to a bogus text location and attempts to execute it, or
    if the exception occurs in vmalloc space that was allocated with
    module_alloc() by a systemtap kprobe-handler, and therefore has no
    symbolic reference.

crash (6.0.3-1) unstable; urgency=low

  * New upstream version 6.0.4
  * Fix to gdb-7.3.1/bfd/bfdio.c to properly zero out a complete struct stat
    with a corrected memset argument; caught when compiling with the Clang
    Static Analyzer.
  * Fix for the SIAL extension module to remove a call to sial_free() for an
    uninitialised variable that can result in a segmentation violation when
    unloading a sial script.
  * Fix for the "runq" command for kernels that are configured with
    CONFIG_FAIR_GROUP_SCHED.  Without the patch, tasks contained within the
    task-group of a cpu's currently-running task may not be displayed.
  * Implemented support for the analysis of 32-bit PPC ELF kdump vmcores.
  * Implemented the capability of building a PPC crash binary on a PPC64 host,
    which can be done by entering "make target=PPC".  After the initial build
    is complete, subsequent builds can be done by entering "make" alone.
  * Determine the PPC page size from the kdump PAGESIZE vmcoreinfo data.
  * Fix for the "kmem -[sS]", "kmem -[fF]" and "kmem <address>" options in 3.2
    kernels.  Without the patch, the commands fail with the error "kmem:
    invalid structure member offset: page_lru".
  * Addition of a set of dumpfile read diagnostic debug statements.  They are
    primarily of use when dealing with kdump invocation or runtime read
    failures (ELF kdumps or compressed kdumps), and can serve to help pinpoint
    the problem as a faulty/corrupted dumpfile vs. a crash utility bug.  Some
    statements are seen when invoking crash with "-d1", more with "-d4", and
    all of them with "-d8".  During runtime, debug statements may be seen by
    entering "set debug <level>".
  * Fix for X86 kernels that have CONFIG_X86_32, CONFIG_DISCONTIGMEM,
    CONFIG_DISCONTIGMEM_MANUAL and CONFIG_NUMA all configured.  Without the
    patch, the VM subsystem fails to initialize properly because the pgdat
    structures are allocated by the remap allocator.
  * Fix for the "vtop" command on large NUMA X86 kernels where a node's
    starting physical address is larger than 32-bits.  Without the patch, the
    page struct contents of a virtual address  may not be displayed.
    Associated with that fix, the "kmem -n" line that displays a node's
    MEM_MAP, START_PADDR and START_MAPNR values has been adjusted to more
    properly handle large physical addresses.
  * Update for the ARM architecture to recognize a recent change of its
    vmlinux section name from ".init" to ".init.text".  Without the patch, a
    warning message indicating "crash: cannot determine text init space" is
    displayed during initialization.
  * Significant speed increase of the "kmem -p" command, especially on
    large-memory systems.
  * Implemented new "irq -a" and "irq -s" options.  The "irq -a" option
    displays the cpu affinity for in-use IRQs.  The "irq -s" option displays
    per-cpu IRQ stats in a similar manner to /proc/interrupts for all cpus.
    To show a limited set of per-cpu IRQ stats, there is an associated "-c"
    option that limits the cpus shown, which can be expressed as "-c 1,3,5",
    "-c 1-3", or "-c 1,3,5-7,10".  The options are currently restricted to
    X86, X86_64, ARM, PPC64 and IA64.
  * Removal of a redundant read of the kernel's __per_cpu_offset pointers in
    the ARM architecture's arm_get_crash_notes() function.
  * Fix for an ARM architecture segmentation violation because of a stack
    overflow due to recursion in the page table translation code.  This was
    seen when analyzing a dumpfile where the page tables had been corrupted.
  * Fix for the the "FREE HIGH" tally in the X86 "kmem -i" display.  Without
    the patch, the PAGES, TOTAL and PERCENTAGE values would always show zero
    values.
  * Fix for the "kmem -n" output display for 32-bit architectures that are
    configured with CONFIG_SPARSEMEM.  Without the patch, the values under the
    CODED_MEM_MAP, MEM_MAP and PFN columns are all shifted to the left.
  * Cleanup of several SIAL extension module files to address bison 2.5 and
    gcc 4.4.3 compile-time warnings.
  * Fix for "net -[sS]" command options on the ARM architecture.  Without the
    patch, invalid data would be displayed because the calculation of the
    socket address was off by 4 bytes.
  * Fix for the ARM "bt" command to allow the core kernel unwind tables to be
    used in cases where the module unwind tables are inaccessible.
  * Implementation of a new "dev -d" option that displays disk device I/O
    statistics.  For each disk device, its major number, gendisk and
    request_queue addresses are displayed along with the total number of
    allocated I/O requests that are in-progress.  The total I/O requests are
    then split out into synchronous vs. asynchronous counts (or reads vs.
    writes in older kernels), and the number that are in-flight in the device
    driver.
  * Update for 3.1.x and later kernels configured with CONFIG_SLAB, which have
    replaced the kmem_cache.nodelists[] array with a pointer to an outside
    array.  Without the patch, the crash session fails during invocation with
    the error "crash: zero-size memory allocation!".
  * Implemented support for the analysis of 32-bit PPC compressed kdump
    vmcores.
  * Prevent the "runq" command from dumping an unending loop of tasks if the
    CFS runqueue has been corrupted.  If the output of a cpu's runqueue would
    display a duplicate task, the output will stop with the message "WARNING:
    duplicate CFS runqueue node: task <address>".
  * Repurposed/renamed the rarely-used and rarely-needed "mod -r" option to
    "mod -R".  The option is used to reinitialize the module data; all
    currently-loaded symbolic and debugging data is deleted, and the installed
    module list will be updated (live systems only).
  * Implemented a new "mod -r" option, which will pass the "-readnow" flag to
    the embedded gdb module, which will override the two-stage strategy that
    it uses for reading symbol tables from module object files.  If the crash
    session was invoked with the "--readnow" flag, then the same override will
    occur automatically.  It should be noted that doing will increase the
    virtual and resident memory set size.
  * Performance increase for the "kmem -s <address>" option on kernels
    configured with CONFIG_SLAB, most notably on kernels whose
    kmem_cache.array[NR_CPUS] array is several pages in size.
  * Require that the "<slabname>" argument to "kmem -s <slabname>" be escaped
    with a '\' character in two situations: 1, in the highly-unlikely case of
    a kmem_cache slab named "list", to prevent the ambiguity with the "kmem -s
    list" command option. 2, if the first character of the <slabname>
    actually is a '\' character.

crash (6.0.2-1) unstable; urgency=low

  * New upstream version 6.0.2
  * Implemention of a new "arguments-input-file" feature, where an input file
    containing crash command arguments may be iteratively fed to a crash
    command.  For each line of arguments in an input file, the selected crash
    command will be executed.
  * Many thanks to Josef Bacik for proposing this feature.
  * Fix for the "runq" command for kernels configured with
    CONFIG_FAIR_GROUP_SCHED.  Without the patch, it is possible that a task
    may be listed twice in a cpu's CFS runqueue.
  * Fix for the internal parse_line() function to properly handle the case
    where the first argument in a line is a string argument that is
    encapulated with quotation marks.
  * Fix for the usage of gzip'd vmlinux file that was compressed with "gzip
    -n" or "gzip --no-name" without using "-f" on the command line.  Without
    the patch, the crash session fails with an error message that indicates
    "crash: <string-containing-garbage>: compressed file name does not start
    with vmlinux".  With the patch, if such a file is used without "-f", it
    will be accepted with a message that indicates that the original filename
    is unknown, and a suggestion that "-f" be used to prevent the message.
  * Added a new "mod -g" option that enhances the symbol display for kernel
    modules.  After loading a module's debuginfo data, the module object's
    section addresses will be shown as pseudo-symbols.
  * Fix for the "gdb" command to prevent the option handling of command lines.
    Without the patch, a gdb command string that contained a "-<character>"
    pair preceded by whitespace, would fail with the error message "gdb: gdb:
    invalid option -- <character>".
  * Fix for the panic-task determination if a dumpfile is taken on a system
    that actually has a cpu count that is equal to its per-arch NR_CPUS value.
    Without the patch, the task running on the cpu whose number is equal to
    NR_CPUS-1 would be selected.
  * Fix for the x86_64 "bt" command to handle a recursive entry into the NMI
    exception stack.  While this should normally never happen, it is possible
    if, for example, a kprope is entered into a function that gets executed
    during NMI handling, and a second NMI is received after the initial one,
    corrupting the original exception frame at the top of the NMI stack.
    Without the patch, the NMI stack backtrace and exception frame would be
    displayed repeatedly; with the patch, the backtrace and exception frame
    are followed by the warning message "NMI exception stack recursion: prior
    stack location overwritten".
  * Support dumpfiles that are created by the PPC64 Firmware Assisted Dump
    facility, also known as "fadump" or "FAD".  Without the patch, the panic
    task cannot be determined from a fadump vmcore which was subsequently
    compressed with makedumpfile, and therefore a proper backtrace of the
    panic task cannot be generated.
  * Preparation for new s390x kernels that will increase MAX_PHYSMEM_BITS from
    42 to 46.

crash (6.0.1-1) unstable; urgency=low

  * New upstream version 6.0.1
  * Several fixes/updates for the 32-bit PPC architecture: (1) Delete
    "__func__.<number>" symbols from the symbol list.  (2) Update manner of
    determining the processor speed displayed by the initial system banner and
    the "sys" command.  (3) Use the kernel's online cpus mask for determining
    the cpu count.  (4) Enable the "bt" command to follow traces that start in
    a per-cpu IRQ stack.  (5) Fix for the "bt" command to better prevent
    runaway stack traces.  (6) Fix for the "bt" command to recognize/display
    2.6 kernel exception frames.  (7) Update "bt" command's exception frame
    register display.  (8) Implement "bt -f" option.
  * Fix for the X86 kernel module line-number capability on some kernels.  It
    is unclear why only some kernel versions exhibit this problem, but the
    newly-embedded gdb version 7.3.1 has changed behaviour such that the
    addrmap arrays of module text address blocks may contain the module text
    offset values instead of their loaded vmalloc addresses, and so without
    the patch, there is no "match" for the vmalloc address when searching for
    its line number information.  It is fixed by doing a preliminary symbol
    search before accessing the line-number access routine.
  * Fix for the X86_64 kernel module line-number capability on kernels that
    have functions preceded by the __vsyscall_fn macro, which puts the kernel
    text function in the vsyscall page that starts at virtual address
    0xffffffffff600000.  This results in a text address block that starts at a
    normal kernel text address but ends with a vsyscall address, which
    inadvertently contains the whole vmalloc address range.  Without the
    patch, line number requests for module vmalloc text addresses would be
    mistakenly issued the first text section that ended with a vsyscall
    address, but then cannot find line number information in that section.
  * Fix for the inadvertent patching of the symbols of the 32-bit Xen
    hypervisor binary.  Without the patch, during initialization the
    minimal_symbols are "patched" with their original values, so they remain
    unchanged, and the message "WARNING: kernel relocated [0MB]: patching 3434
    gdb minimal_symbol values" is displayed.
  * If the "--mod <directory-tree>" command line option, or the setting of the
    CRASH_MODULE_PATH environment variable, or the "mod -S <directory-tree>"
    point to a tree that contains only the separate debuginfo
    "<module>.ko.debug" files, then those debuginfo files will be used as the
    internal "add-symbol-file" arguments to the embedded gdb module.  Without
    the patch, it was only acceptable to point to a directory tree that
    contained the base "<module>.ko" files, and the separate debuginfo files
    were found automatically based upon the directory path to the base module
    file.  This will allow an alternate module-debuginfo directory tree to be
    set up like so: # cd <directory> # rpm2cpio kernel-debuginfo-<release>.rpm
    | cpio -idv Having done that, the <directory> may be used with the
    "--mod", command line argument, or as the CRASH_MODULE_PATH environment
    variable, or as the "mod -S <directory> argument.
  * Make the suspension of the verbose/time-consuming "sym -l" output
    immediate upon the killing of the output pipe, or the entry of the first
    CTRL-c.  Without the patch, it would typically take several seconds, or
    multiple CTRL-c entries, for the "crash>" prompt to be re-displayed.
  * Fix for the handling of piped commands if the command receiving the crash
    output is non-existent or invalid.  Without the patch, the crash command
    would wait indefinitely unless multiple CTRL-c entries were entered.
  * Fix for the s390x "bt" command's floating point register display header.
    Without the patch, the header indicates that only registers 0, 2, 4 and 6
    are printed, a relic of the s390 architecture, whereas on the s390x all
    floating point registers are displayed.
  * Fix for the error message displayed when an untrusted .gdbinit file exists
    in the current directory.  Without the patch, the error message "WARNING:
    not using untrusted file: " would be followed by garbage ASCII data
    instead of the full pathname of the .gdbinit file.
  * Fix for the "kmem -p" and "kmem -i" commands in 3.1 and later kernels
    where the page structure's "_count" member was moved into an embedded
    anonymous structure.  Without the patch, the commands fail with the error
    message "kmem: invalid structure member offset: page_count FILE: memory.c
    LINE: 4610  FUNCTION: dump_mem_map_SPARSEMEM()".
  * Allow the user to append data to the CFLAGS and LDFLAGS variables in the
    top-level Makefile.  The extra data should be put in files named
    "CFLAGS.extra" and "LDFLAGS.extra" in the top-level directory; if either
    or both files exist, the extra data within them will be appended to the
    relevant variable.  Typically the LDFLAGS.extra file will contain
    "-l<library>" strings, and the CFLAGS.extra file will contain "-D<value>"
    strings.  This will allow the crash utility to be built with optional
    libraries, and the code that references them to be encapsulated with
    associated "#ifdef <value>" sections.  The extra CFLAGS data will also be
    passed to extension modules that are built within the local
    "crash-<version>/extensions" subdirectory.
  * The LDFLAGS setting in the Makefile can no longer be modified by hand.  It
    will be automatically configured by the "configure -b" option, based upon
    the contents of the optional "LDFLAGS.extra" file.
  * Fix for the "runq" command to display the runnable tasks that are
    contained within a cgroup's task-group scheduling entity.  Without the
    patch, only scheduling entities that are individual tasks get displayed,
    and runnable tasks in task-group scheduling entities get skipped.
  * Fix for the SIAL extension module when repeatedly loading and unloading a
    sial script when a full pathname is specified for the script.  Without the
    patch, the 4th unload attempt generates a segmentation violation.
  * Fix for the SIAL extension module to register the help and usage functions
    for a command only when loading a script.

crash (6.0.0-1) unstable; urgency=low

  * New upstream version 6.0.0
  * Depend on binutils  (close: #645124)
  * Updated the embedded gdb version to FSF gdb-7.3.1.  This change is
    required for kernels built with gcc-4.6.1, which now defaults to using
    -gdwarf-4.  When using prior versions of crash on such a vmlinux file, it
    fails immediately with the message "Dwarf Error: wrong version in
    compilation unit header (is 4, should be 2) [in module vmlinux]" followed
    by "crash: vmlinux: no debugging data available".  (anderson@xxxxxxxxxx)
  * Incremental patch for the SADUMP dumpfile support that was introduced in
    crash-5.1.8.  The patchset fixes minor bugs, cleans up the sadump module,
    addresses the issue of gathering the first 640KB backup from a
    kdump-enabled kernel, prepares for makedumpfile's support of the SADUMP
    format, and has "bt" display the stored register set when the compressed
    kdump was generated from an SADUMP dumpfile.  (d.hatayama@xxxxxxxxxxxxxx)
  * Fix for the "gdb" command, or any command that resolves to a gdb command,
    to allow redirection to a pipe or file.  This addresses a regression that
    was introduced by an unrelated "gdb" command fix in crash-5.1.4 that
    prevented the stripping of quotation marks from the input line.  Without
    the patch, redirection of a "gdb" command to a pipe or file fails with the
    error message "gdb: gdb request failed:
    <original-command-line-including-redirection>".  (anderson@xxxxxxxxxx)
  * Fix for live system analysis of 32-bit PPC kernels.  Without the patch,
    the session would fail after displaying the error message: WARNING:
    machine type mismatch: crash utility: PPC vmlinux: (unknown)
    (nakayama.ts@xxxxxxxxxxxxxx)
  * Fix to allow vmalloc memory access on 32-bit PPC kernels.  Without the
    patch, the warning message "WARNING: cannot access vmalloc'd module
    memory" would be displayed during invocation, and kernel virtual memory
    that was vmalloc'd could not be accessed.  (nakayama.ts@xxxxxxxxxxxxxx)
  * Fix to correctly gather task addresses from 32-bit PPC kernels.  Without
    the patch, during invocation a stream of error messages indicating "crash:
    invalid task address in pid_hash: <address>" would be displayed.
    (nakayama.ts@xxxxxxxxxxxxxx)
  * Fix for the "bt" command in 32-bit PPC kernels.  Without the patch, the
    "bt" command would generate a segmentation violation.
    (nakayama.ts@xxxxxxxxxxxxxx)

crash (5.1.9-1) unstable; urgency=low

  * New upstream version 5.1.9
  * Fixed the compressed kdump panic task determination function to use the
    kernel's "crashing_cpu" symbol if it exists.  Without the patch, the
    function returned 0 because it was using diskdump-specific header
    variables that are always set to zero in compressed kdump dumpfiles; the
    panic task was then found by searching the kernel stacks of all of the
    active tasks.  (anderson@xxxxxxxxxx)
  * Fix for the potential of false-positive warning messages during the
    initialization of s390x zdump dumpfiles that would indicate either
    "WARNING: multiple active tasks have called die and/or panic" and/or
    "WARNING: multiple active tasks have called die".
    (holzheu@xxxxxxxxxxxxxxxxxx)
  * Removal of superfluous code for gathering registers from the ELF header in
    the ARM get_netdump_regs_arm() function.  (per.fransson.ml@xxxxxxxxx)
  * Additional fixes for the ARM architecture gdb-7.0/bfd/elf32-arm.c and
    gdb-7.0/bfd/cpu-arm.c files to handle gcc-4.6 compiler failures.  Without
    the patch, gcc-4.6 generates "error: variable ‘<variable>’ set but not
    used [-Werror=unused-but-set-variable]" fatal errors when the (default)
    -Werror flag is used.  Previous gcc versions considered local variables
    were simply set to some value to be "used", but that is no longer the
    case.  (anderson@xxxxxxxxxx)
  * Added new "dis -[xd]" options, which override the current default output
    format with hexadecimal or decimal format for just the command instance.
    Without the patch, it would require changing the default output format
    with "hex" or "dec" prior to executing "dis".  (anderson@xxxxxxxxxx)
  * Added new "task -[xd]" options, which override the current default output
    format with hexadecimal or decimal format for just the command instance.
    Without the patch, it would require changing the default output format
    with "hex" or "dec" prior to executing "task".  The new flags may be used
    with "foreach task" as well.  (anderson@xxxxxxxxxx)
  * Prevent the "struct -[xd]", "union -[xd]", and "p -[xd]" commands from
    allowing both options being entered on the command line.
    (anderson@xxxxxxxxxx)
  * Fixes to top-level crash source files filesys.c, memory.c, netdump.c,
    sadump.c, symbols.c, x86.c and lkcd_x86_trace.c to allow them to be
    compiled cleanly with gcc-4.6.  Without the patch, gcc-4.6 generates fatal
    errors indicating "error: variable ‘<variable>’ set but not used
    [-Werror=unused-but-set-variable]" when building crash with "make Warn",
    or generates similar warning messages when building with "make warn".
    This has been tested only on x86, x86_64 and ARM; the other architectures
    may still generate errors/warnings when compiling their machine-specific
    files with gcc-4.6.  (anderson@xxxxxxxxxx)
  * Fix for the "irq" command on 2.6.39 and later kernels.  Without the patch,
    the command fails with the message "irq: invalid structure member offset:
    irq_desc_t_status".  (anderson@xxxxxxxxxx)
  * Fix for the SIAL extension module that solves the problem of getting
    access to integer variables.  (makc@xxxxxxxxx)
  * Fix for compiler warnings when building the extensions/sial.so extension
    module with recent versions of /usr/bin/ld.  Without the patch, two
    warning messages are displayed:  "/usr/bin/ld: Warning: alignment 4 of
    symbol 'sialppdebug' in /tmp/ccYSzE2s.o is smaller than 16 in
    libsial/libsial.a(sialpp.tab.o)" and "/usr/bin/ld: Warning: alignment 4 of
    symbol 'sialdebug' in /tmp/ccYSzE2s.o is smaller than 16 in
    libsial/libsial.a(sial.tab.o)".  (maxc@xxxxxxxxx)
  * If the stack pointer found in the register set stored in the ELF header of
    a compressed kdump dumpfile, a KVM dumpfile, or an SADUMP dumpfile is
    either NULL or cannot be accessed, the register set will be dumped after
    the error message.  Without the patch, only the error message was
    displayed.  (anderson@xxxxxxxxxx)
  * Preparation of the top-level crash sources for more efficient updates of
    the embedded gdb version.  The changes should be invisible other than the
    fact that all top-level source files will now be compiled with the
    -DGDB_xxx flag, because the gdb-defined TYPE_CODE_xxx values that are
    exported in defs.h changed in more recent gdb versions.
    (anderson@xxxxxxxxxx)
  * Fixes for potential segmentation violations during the panic task search
    phase of session initialization from a version 4 or later x86_64
    compressed kdump, in which the number of ELF NT_PRSTATUS notes in the
    dumpfile does not match the number of cpus running when the system
    crashed.  (Joe.Lawrence@xxxxxxxxxxx, anderson@xxxxxxxxxx)
  * Created an exported set_tmpfile2() function that allows the caller to pass
    in their own FILE pointer of an open file that only exists during the
    execution of a command.  It will afford the recursive-use protection of
    open_tmpfile2() plus the automatic closure of the file if the command
    fails prior to completion or if the user forgets to close it with
    close_tmpfile2().  (anderson@xxxxxxxxxx)
  * Created a new "rd -r <outputfile>" option that copies raw data from memory
    to an output file.  It can be invoked either of two possible manners:
     crash> rd -r <outputfile> <address> <count>
     crash> rd -r <outputfile> <address> -e <ending-address
    The <count> value is always a byte count with this option.
    (adrian.wenl@xxxxxxxxx, anderson@xxxxxxxxxx)
  * Fix for the ARM "bt" command to store the correct value of the fp register
    of active tasks.  Without the patch, in rare circumstances, the output may
    show an empty backtrace.  (per.xx.fransson@xxxxxxxxxxxxxx)
  * Fix to prevent a harmless warning message when /proc/kallsyms is used as a
    mapfile argument.  Without the patch, during initialization, the message
    "crash: /proc/kallsyms: lseek: Invalid argument" is       displayed.  If a
    regular file copy of /proc/kallsyms is used, the message is not displayed.
    (anderson@xxxxxxxxxx)
  * Fix for running against live x86 kernels that have been relocated by the
    Intel Trusted Boot or "tboot" facility.  Without the patch, a live crash
    session fails during invocation with the error message "crash: vmlinux and
    /dev/mem do not match!" (or "/dev/crash" if applicable).  As a
    work-around, "/proc/kallsyms" can be entered on the command line, or the
    "--reloc=<size>" option can be used, but this fix obviates that
    requirement for live systems.  (anderson@xxxxxxxxxx)
  * Fix for the unlikely event where makedumpfile-generated s390/s390x
    compressed kdumps do not have a CPU count in the dumpfile header.  This
    can happen when older s390 dump tools are used to create a dump that do
    not write the CPU information into the s390 dump header.  Without the
    patch, the warning message "crash: compressed kdump: invalid nr_cpus: 0"
    is displayed, the dumpfile is not recognized as a compressed kdump, and
    the session fails.  Since s390/s390x have a fallback function that gets
    the CPU register information out of memory, the same warning message will
    be displayed, but the dumpfile will still be recognized as a compressed
    kdump.  (holzheu@xxxxxxxxxxxxxxxxxx)
  * Fix for the "net -s" command on 2.6.38 and later kernels.  Without the
    patch, the command fails with the error message "net: invalid structure
    member offset: inet_opt_daddr".  (bob.montgomery@xxxxxx,
    anderson@xxxxxxxxxx)

crash (5.1.8-1) unstable; urgency=low

  * Added explicit build-dep for dpkg-dev (>= 1.16.1) to resolve the "set but
    unused" errors.
  * New upstream version 5.1.8
  * Fixes for gdb-7.0 ppc64/ppc-specific files to handle gcc-4.6 compiler
    failures.  Without the patch, gcc-4.6 generates "error: variable
    ‘<variable>’ set but not used [-Werror=unused-but-set-variable]" fatal
    errors when the (default) -Werror flag is used.  Previous gcc versions
    considered local variables were simply set to some value to
  * Add support for the "bt" command to recognize the new s390x
    "restart_stack" used by the PSW restart interrupt in 3.0.1 and later
    kernels.
  * Enhancement to the s390x "bt" command to display the register contents of
    the pt_regs strucutre for interrupts, instead of just printing the string
    "- Interrupt -".  The pt_regs structure contains all of the current
    registers and PSW of the interrupted CPU.
  * Removed the "files -l" option, which does not support 2.6 or later
    kernels, and because it requires structure offset data that can only be
    determined if the "lockd" and "nfsd" modules have been built into the
    kernel.  Given the kernel module dependencies, the command is more
    suitable as an extension module, if anyone cares to carry on its legacy.
  * Fix for the "ps" command to disallow the mutually-exclusive "-u" and "-k"
    options from being entered together.  Without the patch, whichever of the
    two options was entered last was acted upon.  Also, the help page was
    clarified by separating the three process identifier formats from the
    "-u", "-k" and "-G" qualifiers.
  * Fix for the "ps" command to disallow the mutually-exclusive "-a", "-t",
    "-c", "-p", "-g", "-l" and "-r" options from being entered together.
    Without the patch, whichever of the seven options that was entered last
    was acted upon.
  * Added new "struct -[xd]" and "union -[xd]" options, which override the
    current default output format with hexadecimal or decimal format for just
    the command instance.  The "-o" member offset values and the structure
    size value are also controlled by the new options.  Without the patch, it
    would require changing the default output format with "hex" or "dec" prior
    to executing the "struct" or "union" command.
  * Fix for the "fuser" command, which may occasionally precede its output
    with the message "WARNING: FILE_NRHASH has changed from 32" on 2.6.19 and
    later kernels.  The message is harmless.
  * Exported new set_temporary_radix() and restore_current_radix() functions,
    which are used to temporarily override the current output radix setting.
  * Fixes for ARM gdb-7.0/bfd/elf32-arm.c file to handle gcc-4.6 compiler
    failures.  Without the patch, gcc-4.6 generates "error: variable
    ‘<variable>’ set but not used [-Werror=unused-but-set-variable]" fatal
    errors when the (default) -Werror flag is used.  Previous gcc versions
    considered local variables were simply set to some value to be "used", but
    that is no longer the case.
  * Cosmetic fix for command-failure "Usage" messages to prevent the output
    from exceeding 80 columns.
  * Implemented a new "struct -p" option which can be used to dereference
    pointer members and display the target data.  The option can be used with
    the struct_name.member[,member] format, or if not, all pointers in the
    structure will be dereferenced.  If the member is a pointer, the member's
    data type will be prepended to the member name when displaying the target
    address; on the subsequent line(s) the target's symbol name will be
    displayed in brackets if appropriate, and if possible, the target data
    will be displayed.
  * Implemented support for "SADUMP" dumpfiles, which are created by the
    Fujitsu Stand Alone Dump facility.  The dump-creation mechanism is based
    in hardware-specific firmware, generating a dumpfile in three different
    formats: sadump dump device (single partition), sadump dump device (disk
    set), and archive file formats.  The crash utility recognizes all three
    formats.
  * Fix for the "bt" command to display Control registers 8-15 (s390x and
    s390) and floating point registers 8-15 (s390x only) correctly.  Without
    the patch, the register content was copied from the wrong location of the
    save area, and the wrong register values were displayed for the active
    tasks.
  * Fix for 2.6.34 ppc64 kernels, which were changed to dynamically allocate
    the paca structure, and changed the data type of "paca" symbol from array
    to a paca_struct pointer.
  * Fix for 2.6.36 and later ppc64 kernels, which overwrite the paca pointer
    variable to point to a static paca during a crash sequence just prior to
    the kexec of the secondary kernel, which contains a
    paca_struct.data_offset value that is valid only for crashing cpu.
    However, the kernel change also re-introduced the  __per_cpu_offset array,
    which had been removed in 2.6.15, which will be used as an alternative to
    the per-cpu paca_struct.
  * The new version of makedumpfile, 1.4.0, contains a facility that allows a
    user to filter out kernel data (e.g., security keys, confidential/secret
    information, etc.) from a vmcore.  The data that is filtered out is
    poisoned with character 'X' (0x58).  A filtered ELF kdump vmcore now
    contains a new "ERASEINFO" ELF note section that contains the filter data
    strings used by makedumpfile.  A filtered compressed kdump has a header
    version number 5, and contains new offset_eraseinfo and size_eraseinfo
    members in its sub-header that point to a copy of the filter data strings.
    In most cases, the erased kernel data will be inconsequential to the crash
    session, but it is certainly possible that the removal of crucial kernel
    data that the crash utility needs may cause the crash session to fail,
    cause individual commands to fail, or result in other unpredictable
    runtime behaviour.  This patch detects whether kernel data has been erased
    from the dumpfile, and if so, displays an early warning message alerting
    the user.  The "help -n" command displays the filter data strings that
    were used by makedumpfile.

crash (5.1.7-4) unstable; urgency=low

  * Stop erroring on the set-but-unused messages (close: #643719)

crash (5.1.7-3) unstable; urgency=low

  * Fix the fix for the "set but unused" patch for ppc (closes: #639067)

crash (5.1.7-2) unstable; urgency=low

  * Fixed "set but unused" errors on PPC causing a FTBS.

crash (5.1.7-1) unstable; urgency=low

  * New upstream version 5.1.7
  * Fix for the x86_64 "bt" command in the highly-unlikely event that a
    non-crashing CPU receives a NMI immediately after receiving an interrupt
    from another source in a 2.6.29 and later kernel.  In those kernels, the
    IRQ entry-point symbols "IRQ0x00_interrupt" through "IRQ0x##_interrupt" no
    longer exist, but the entry points exist as memory locations starting at
    the symbol "irq_entries_start".  Without the patch, if a shutdown NMI
    interrupt gets received while in one of the entry point stubs, "bt" will
    fail with the error message "bt: cannot transition from exception stack to
    current process stack".
  * The x86 and x86_64 "bt -e" and "bt -E" commands will display symbolic
    translations of kernel-mode exception RIP values.
  * Clarified two initialization-time CRASHDEBUG(1) messages to make it
    obvious that the two linux_banner strings being compared originate from
    the memory source or the kernel namelist file.
  * Fix for the x86 "bt" command to handle cases where the shutdown NMI was
    received when a task had just completed an exception, interrupt, or signal
    handler, and was about to return to user-space.  Without the patch, the
    backtrace would be proceeded with the error message "bt: cannot resolve
    stack trace", display the trace without the kernel-entry exception frame,
    and then dump the text symbols found on the stack and all possible
    exception frames.
  * Fix for 2.6.33 and later kernels that are not configured CONFIG_SMP.
    Without the patch, they fail during initialization with the error message
    "crash: invalid structure member offset: module_percpu".
  * Prepare for the imminent change in size of the vm_flags member of the
    vm_area_struct to be 64-bits in size for all architectures now that 32
    bits have been consumed.  The crash utility code had been handling the
    older change of the vm_flags member from a short to a long, but that would
    not account for the future change to a 64-bit member on 32-bit
    architectures.
  * Update of the "vm -f <flags>" option to the current upstream state.
    Without the patch, only 23 of the currently-existing 32 bit flags were
    being translated.  (anderson@xxxxxxxxxx)
  * Fix for the "kmem -s", "kmem -S", "kmem -s <address>" and "kmem <address>"
    command options if none of the NUMA nodes in in a multi-node CONFIG_SLAB
    system have a node ID of 0.  Without the patch, "kmem -s" and "kmem -S"
    show all slab caches as if they contain no slabs; if an <address> is
    specified, the correct slab cache is found, but the command indicates
    "kmem: <slab-cache-name>: address not found in cache: <address>".
  * Cosmetic fix for the "kmem -[sS]" options if a CONFIG_SLAB kernel slab
    cache contains 100000 or more slabs, or uses a slab size of 1 or more
    megabytes.  Without the patch, the output utilizes more than 80 columns.
  * If a task was in user-space when a crash occurred, the user-space
    registers are saved in per-cpu NT_PRSTATUS ELF notes in either version 4
    compressed kdump headers, or in dumpfile headers created by the Fujitsu
    "sadump" facility.  In that case, the "bt" command will dump the x86 or
    x86_64 user-space register set.
  * Fix for the x86 "bt" command to handle cases where the shutdown NMI was
    received when a task had just received an interrupt, but before it had
    created a full exception frame on the kernel stack and called the
    interrupt handler.  Without the patch, the backtrace would be proceeded
    with the error message "bt: cannot resolve stack trace", display the trace
    without the kernel-entry exception frame, and then dump the text symbols
    found on the stack and all possible exception frames.
  * Fix for the x86 "bt" command to handle cases where the shutdown NMI was
    received when a task was in the act of being switched to.  Without the
    patch, the backtrace would be proceeded with the error message "bt: cannot
    resolve stack trace", display the trace without the kernel-entry exception
    frame, and then dump the text symbols found on the stack and all possible
    exception frames.
 -- Stefan Bader <stefan.bader@xxxxxxxxxxxxx>   Tue, 11 Jun 2013 17:32:56 +0200

** Changed in: crash (Ubuntu Precise)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3509

** Changed in: crash (Ubuntu Quantal)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to crash in Ubuntu.
https://bugs.launchpad.net/bugs/251288

Title:
  Crash should depend on binutils

Status in “crash” package in Ubuntu:
  Fix Released
Status in “crash” source package in Precise:
  Fix Released
Status in “crash” source package in Quantal:
  Fix Released
Status in “crash” source package in Raring:
  Fix Released
Status in “crash” package in Debian:
  Fix Released

Bug description:
  Binary package hint: crash

  Crash seems to depend on the program "strings" (in binutils package)
  to match vmcore dumps to vmlinux kernels. If you try to run crash
  without binutils installed, it will fail saying the vmlinux image and
  dump do not match (along with an error further up reporting that
  "strings" is not found).

  Crash should have binutils package added to its deps.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/crash/+bug/251288/+subscriptions