[Crash-utility] question about phys_base

Dave Anderson anderson at redhat.com
Fri Feb 24 13:37:11 UTC 2012 


----- Original Message -----
> At 02/17/2012 10:20 PM, Dave Anderson Wrote:
> > 
> > 
> > ----- Original Message -----
> >> At 02/17/2012 12:30 AM, Dave Anderson Wrote:
> > 
> >>>> Yes. Even if the guest is linux, it is still impossible to do it.  Because
> >>>> the guest maybe in the second kernel.
> >>>>
> >>>> qemu-dump walks all guest's page table and collect virtual address and
> >>>> physical address mapping. If the page is not used by guest, the virtual is set
> >>>> to 0.  I create PT_LOAD according to such mapping. So if the guest linux,
> >>>> there may be a PT_LOAD segment that describes __START_KERNEL_map region.
> >>>> But the information stored in PT_LOAD maybe for the second. If crash
> >>>> uses it, crash will see the second kernel, not the first kernel.
> >>>
> >>> Just to be clear -- what do you mean by the "second" kernel?  Do you
> >>> mean that a guest kernel crashed guest, and did a kdump operation,
> >>> and that second kdump kernel failed somehow, and now you're trying
> >>> to do a "virsh dump" on the kdump kernel?
> >>
> >> Yes, the second kernel means kdump kernel. If kdump failed, the user can
> >> use it to dump the guest's memory.
> > 
> > OK, so will your code present two different "types" of ELF headers?
> 
> I donot understand what do you want to say.
> Do you mean there is two ELF headers in qemu-generated vmcore?

No.  What I want to understand is how x86_64_calc_phys_base() will
be able to confidently recognize that an ELF file was qemu-generated,
so that it can then do the right thing.

And from your description, it sounds like there will be different PT_LOAD
descriptors based upon whether it's the first or second kernel.  And
the difference between the two would be based upon which (if any) of the
following statements are true:

 (1) first kernel -- contains a valid __START_KERNEL_map PT_LOAD segment
 (2) first kernel -- does *not* contain a __START_KERNEL_map PT_LOAD segment 
 (3) second kernel -- contains an invalid (first kernel) __START_KERNEL_map PT_LOAD segment 
 (4) second kernel -- does *not* contain a __START_KERNEL_map PT_LOAD segment
 (5) ???

What will differentiate qemu-generated ELF headers from kdump-generated ELF
headers?

Dave

More information about the Crash-utility mailing list