10:30 a.m.
----- Original Message -----
>
> OK, so then I don't understand what you mean by "may be the same"?
>
> You didn't answer my original question, but if I understand you correctly,
> it would be impossible for the qemu host to create a PT_LOAD segment that
> describes an x86_64 guest's __START_KERNEL_map region, because the host
> doesn't know that what kind of kernel the guest is running.
Yes. Even if the guest is linux, it is still impossible to do it. Because
the guest maybe in the second kernel.
qemu-dump walks all guest's page table and collect virtual address and
physical address mapping. If the page is not used by guest, the virtual is set
to 0. I create PT_LOAD according to such mapping. So if the guest is linux,
there may be a PT_LOAD segment that describes __START_KERNEL_map region.
But the information stored in PT_LOAD maybe for the second kernel. If crash
uses it, crash will see the second kernel, not the first kernel.
Just to be clear -- what do you mean by the "second" kernel? Do you
mean that a guest kernel crashed guest, and did a kdump operation,
and that second kdump kernel failed somehow, and now you're trying
to do a "virsh dump" on the kdump kernel?
Dave
6:40 p.m.
New subject: question about phys_base
At 02/17/2012 12:30 AM, Dave Anderson Wrote:
----- Original Message -----
>>
>> OK, so then I don't understand what you mean by "may be the same"?
>>
>> You didn't answer my original question, but if I understand you correctly,
>> it would be impossible for the qemu host to create a PT_LOAD segment that
>> describes an x86_64 guest's __START_KERNEL_map region, because the host
>> doesn't know that what kind of kernel the guest is running.
>
> Yes. Even if the guest is linux, it is still impossible to do it. Because
> the guest maybe in the second kernel.
>
> qemu-dump walks all guest's page table and collect virtual address and
> physical address mapping. If the page is not used by guest, the virtual is set
> to 0. I create PT_LOAD according to such mapping. So if the guest is linux,
> there may be a PT_LOAD segment that describes __START_KERNEL_map region.
> But the information stored in PT_LOAD maybe for the second kernel. If crash
> uses it, crash will see the second kernel, not the first kernel.
Just to be clear -- what do you mean by the "second" kernel? Do you
mean that a guest kernel crashed guest, and did a kdump operation,
and that second kdump kernel failed somehow, and now you're trying
to do a "virsh dump" on the kdump kernel?
Yes, the second kernel means kdump kernel. If kdump failed, the user can
use it to dump the guest's memory.
Thanks
Wen Congyang
Dave
8:20 a.m.
New subject: question about phys_base
----- Original Message -----
At 02/17/2012 12:30 AM, Dave Anderson Wrote:
>> Yes. Even if the guest is linux, it is still impossible to
do it. Because
>> the guest maybe in the second kernel.
>>
>> qemu-dump walks all guest's page table and collect virtual address and
>> physical address mapping. If the page is not used by guest, the virtual is set
>> to 0. I create PT_LOAD according to such mapping. So if the guest linux,
>> there may be a PT_LOAD segment that describes __START_KERNEL_map region.
>> But the information stored in PT_LOAD maybe for the second kernel. If crash
>> uses it, crash will see the second kernel, not the first kernel.
>
> Just to be clear -- what do you mean by the "second" kernel? Do you
> mean that a guest kernel crashed guest, and did a kdump operation,
> and that second kdump kernel failed somehow, and now you're trying
> to do a "virsh dump" on the kdump kernel?
Yes, the second kernel means kdump kernel. If kdump failed, the user can
use it to dump the guest's memory.
OK, so will your code present two different "types" of ELF headers?
Dave
2:07 a.m.
New subject: question about phys_base
At 02/17/2012 10:20 PM, Dave Anderson Wrote:
----- Original Message -----
> At 02/17/2012 12:30 AM, Dave Anderson Wrote:
>>> Yes. Even if the guest is linux, it is still impossible to do it. Because
>>> the guest maybe in the second kernel.
>>>
>>> qemu-dump walks all guest's page table and collect virtual address and
>>> physical address mapping. If the page is not used by guest, the virtual is
set
>>> to 0. I create PT_LOAD according to such mapping. So if the guest linux,
>>> there may be a PT_LOAD segment that describes __START_KERNEL_map region.
>>> But the information stored in PT_LOAD maybe for the second kernel. If crash
>>> uses it, crash will see the second kernel, not the first kernel.
>>
>> Just to be clear -- what do you mean by the "second" kernel? Do you
>> mean that a guest kernel crashed guest, and did a kdump operation,
>> and that second kdump kernel failed somehow, and now you're trying
>> to do a "virsh dump" on the kdump kernel?
>
> Yes, the second kernel means kdump kernel. If kdump failed, the user can
> use it to dump the guest's memory.
OK, so will your code present two different "types" of ELF headers?
I donot understand what do you want to say.
Do you mean there is two ELF headers in qemu-generated vmcore?
Thanks
Wen Congyang
Dave
7:37 a.m.
New subject: question about phys_base
----- Original Message -----
At 02/17/2012 10:20 PM, Dave Anderson Wrote:
>
>
> ----- Original Message -----
>> At 02/17/2012 12:30 AM, Dave Anderson Wrote:
>
>>>> Yes. Even if the guest is linux, it is still impossible to do it.
Because
>>>> the guest maybe in the second kernel.
>>>>
>>>> qemu-dump walks all guest's page table and collect virtual address
and
>>>> physical address mapping. If the page is not used by guest, the virtual
is set
>>>> to 0. I create PT_LOAD according to such mapping. So if the guest
linux,
>>>> there may be a PT_LOAD segment that describes __START_KERNEL_map
region.
>>>> But the information stored in PT_LOAD maybe for the second. If crash
>>>> uses it, crash will see the second kernel, not the first kernel.
>>>
>>> Just to be clear -- what do you mean by the "second" kernel? Do
you
>>> mean that a guest kernel crashed guest, and did a kdump operation,
>>> and that second kdump kernel failed somehow, and now you're trying
>>> to do a "virsh dump" on the kdump kernel?
>>
>> Yes, the second kernel means kdump kernel. If kdump failed, the user can
>> use it to dump the guest's memory.
>
> OK, so will your code present two different "types" of ELF headers?
I donot understand what do you want to say.
Do you mean there is two ELF headers in qemu-generated vmcore?
No. What I want to understand is how x86_64_calc_phys_base() will
be able to confidently recognize that an ELF file was qemu-generated,
so that it can then do the right thing.
And from your description, it sounds like there will be different PT_LOAD
descriptors based upon whether it's the first or second kernel. And
the difference between the two would be based upon which (if any) of the
following statements are true:
(1) first kernel -- contains a valid __START_KERNEL_map PT_LOAD segment
(2) first kernel -- does *not* contain a __START_KERNEL_map PT_LOAD segment
(3) second kernel -- contains an invalid (first kernel) __START_KERNEL_map PT_LOAD
segment
(4) second kernel -- does *not* contain a __START_KERNEL_map PT_LOAD segment
(5) ???
What will differentiate qemu-generated ELF headers from kdump-generated ELF
headers?
Dave
7:01 p.m.
New subject: question about phys_base
At 02/24/2012 09:37 PM, Dave Anderson Wrote:
----- Original Message -----
> At 02/17/2012 10:20 PM, Dave Anderson Wrote:
>>
>>
>> ----- Original Message -----
>>> At 02/17/2012 12:30 AM, Dave Anderson Wrote:
>>
>>>>> Yes. Even if the guest is linux, it is still impossible to do it.
Because
>>>>> the guest maybe in the second kernel.
>>>>>
>>>>> qemu-dump walks all guest's page table and collect virtual
address and
>>>>> physical address mapping. If the page is not used by guest, the
virtual is set
>>>>> to 0. I create PT_LOAD according to such mapping. So if the guest
linux,
>>>>> there may be a PT_LOAD segment that describes __START_KERNEL_map
region.
>>>>> But the information stored in PT_LOAD maybe for the second. If crash
>>>>> uses it, crash will see the second kernel, not the first kernel.
>>>>
>>>> Just to be clear -- what do you mean by the "second" kernel?
Do you
>>>> mean that a guest kernel crashed guest, and did a kdump operation,
>>>> and that second kdump kernel failed somehow, and now you're trying
>>>> to do a "virsh dump" on the kdump kernel?
>>>
>>> Yes, the second kernel means kdump kernel. If kdump failed, the user can
>>> use it to dump the guest's memory.
>>
>> OK, so will your code present two different "types" of ELF headers?
>
> I donot understand what do you want to say.
> Do you mean there is two ELF headers in qemu-generated vmcore?
No. What I want to understand is how x86_64_calc_phys_base() will
be able to confidently recognize that an ELF file was qemu-generated,
so that it can then do the right thing.
And from your description, it sounds like there will be different PT_LOAD
descriptors based upon whether it's the first or second kernel. And
the difference between the two would be based upon which (if any) of the
following statements are true:
(1) first kernel -- contains a valid __START_KERNEL_map PT_LOAD segment
(2) first kernel -- does *not* contain a __START_KERNEL_map PT_LOAD segment
(3) second kernel -- contains an invalid (first kernel) __START_KERNEL_map PT_LOAD
segment
(4) second kernel -- does *not* contain a __START_KERNEL_map PT_LOAD segment
(5) ???
The guest is in first kernel:
# readelf /tmp/vm2.save -l| grep 0xffffffff8
LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
The guest is in the second kernel(vcpu > 1)
]# readelf /tmp/vm2.save2 -l| grep 0xffffffff8
LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
LOAD 0x0000000004017be0 0xffffffff81000000 0x0000000004000000
The guest is in the second kernel(vcpu = 1)
[root@ghost ~]# readelf /tmp/vm2.save3 -l| grep 0xffffffff8
LOAD 0x0000000004001e4c 0xffffffff81000000 0x0000000004000000
I donot find differentiate qemu-genetated ELF headers from dump-generated ELF
headers.
Thanks
Wen Congyang
What will differentiate qemu-generated ELF headers from kdump-generated ELF
headers?
Dave
8:10 a.m.
New subject: question about phys_base
----- Original Message -----
>
> No. What I want to understand is how x86_64_calc_phys_base() will
> be able to confidently recognize that an ELF file was qemu-generated,
> so that it can then do the right thing.
The guest is in first kernel:
# readelf /tmp/vm2.save -l| grep 0xffffffff8
LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
Why are there multiple segments describing the same virtual/physical region?
Is there one START_KERNEL_map segment for each vcpu? Are their FileSiz/MemSiz
values all the same?
The guest is in the second kernel(vcpu > 1)
]# readelf /tmp/vm2.save2 -l| grep 0xffffffff8
LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
LOAD 0x0000000004017be0 0xffffffff81000000 0x0000000004000000
Again, it's not clear why there are multiple segments with the same
same virtual address, but I'm guessing that the one segment that starts
at 0x0000000004000000 is associated with the second kernel, and the other
ones are for vcpus that ran in the first kernel?
The guest is in the second kernel(vcpu = 1)
[root@ghost ~]# readelf /tmp/vm2.save3 -l| grep 0xffffffff8
LOAD 0x0000000004001e4c 0xffffffff81000000 0x0000000004000000
I donot find differentiate qemu-genetated ELF headers from dump-generated ELF
headers.
Kdump-generated vmcores cannot have multiple START_KERNEL_map segments.
But with dumps where (vpcu = 1), there could be confusion since it's not obvious
if START_KERNEL_map region belongs to the first or second kernel.
That being the case, I don't see how this can be supported cleanly by the crash'
utility unless there is a NOTE, or some other obvious identifier, that absolutely
confirms that the dumpfile was qemu-generated.
Dave
11:10 p.m.
New subject: question about phys_base
At 02/27/2012 10:10 PM, Dave Anderson Wrote:
----- Original Message -----
>>
>> No. What I want to understand is how x86_64_calc_phys_base() will
>> be able to confidently recognize that an ELF file was qemu-generated,
>> so that it can then do the right thing.
> The guest is in first kernel:
> # readelf /tmp/vm2.save -l| grep 0xffffffff8
> LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
> LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
> LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
> LOAD 0x00000000010226b8 0xffffffff81000000 0x0000000001000000
Why are there multiple segments describing the same virtual/physical region?
Is there one START_KERNEL_map segment for each vcpu? Are their FileSiz/MemSiz
values all the same?
Thanks for pointing this problem. I update the qemu side's patch:
The guest is in first kernel(vcpu: 4):
# readelf /tmp/vm2.save -l| grep 0xffffffff8
LOAD 0x000000000100f360 0xffffffff81000000 0x0000000001000000
The guest is in the second kernel(vcpu: 4)
# readelf /tmp/vm2.save2 -l| grep 0xffffffff8
LOAD 0x000000000100eb10 0xffffffff81000000 0x0000000001000000
LOAD 0x000000000400eb10 0xffffffff81000000 0x0000000004000000
The guest is in the second kernel(vcpu: 1)
[root@ghost ~]# readelf /tmp/vm2.save3 -l| grep 0xffffffff8
LOAD 0x0000000004001cfc 0xffffffff81000000 0x0000000004000000
> The guest is in the second kernel(vcpu > 1)
> ]# readelf /tmp/vm2.save2 -l| grep 0xffffffff8
> LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
> LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
> LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
> LOAD 0x0000000004017be0 0xffffffff81000000 0x0000000004000000
Again, it's not clear why there are multiple segments with the same
same virtual address, but I'm guessing that the one segment that starts
at 0x0000000004000000 is associated with the second kernel, and the other
ones are for vcpus that ran in the first kernel?
> The guest is in the second kernel(vcpu = 1)
> [root@ghost ~]# readelf /tmp/vm2.save3 -l| grep 0xffffffff8
> LOAD 0x0000000004001e4c 0xffffffff81000000 0x0000000004000000
>
> I donot find differentiate qemu-genetated ELF headers from dump-generated ELF
> headers.
Kdump-generated vmcores cannot have multiple START_KERNEL_map segments.
But with dumps where (vpcu = 1), there could be confusion since it's not obvious
if START_KERNEL_map region belongs to the first or second kernel.
That being the case, I don't see how this can be supported cleanly by the crash'
utility unless there is a NOTE, or some other obvious identifier, that absolutely
confirms that the dumpfile was qemu-generated.
The note information stored in qemu-generated core:
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
NOTE 0x000000000000edd0 0x0000000000000000 0x0000000000000000
0x0000000000000590 0x0000000000000590 0
I think its format is the same as kdump's vmcore. Does kdump-generated core's
virtaddr is always 0? If so, What about to set virt_addr to -1 in qemu-generated
core?
Thanks
Wen Congyang
Dave
8:14 a.m.
New subject: question about phys_base
From: Wen Congyang <wency(a)cn.fujitsu.com>
Subject: Re: [Crash-utility] question about phys_base
Date: Tue, 28 Feb 2012 13:10:38 +0800
At 02/27/2012 10:10 PM, Dave Anderson Wrote:
>> The guest is in the second kernel(vcpu > 1)
>> ]# readelf /tmp/vm2.save2 -l| grep 0xffffffff8
>> LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
>> LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
>> LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
>> LOAD 0x0000000004017be0 0xffffffff81000000 0x0000000004000000
>
> Again, it's not clear why there are multiple segments with the same
> same virtual address, but I'm guessing that the one segment that starts
> at 0x0000000004000000 is associated with the second kernel, and the other
> ones are for vcpus that ran in the first kernel?
>
>> The guest is in the second kernel(vcpu = 1)
>> [root@ghost ~]# readelf /tmp/vm2.save3 -l| grep 0xffffffff8
>> LOAD 0x0000000004001e4c 0xffffffff81000000 0x0000000004000000
>>
>> I donot find differentiate qemu-genetated ELF headers from dump-generated ELF
>> headers.
>
> Kdump-generated vmcores cannot have multiple START_KERNEL_map segments.
> But with dumps where (vpcu = 1), there could be confusion since it's not obvious
> if START_KERNEL_map region belongs to the first or second kernel.
>
> That being the case, I don't see how this can be supported cleanly by the
crash'
> utility unless there is a NOTE, or some other obvious identifier, that absolutely
> confirms that the dumpfile was qemu-generated.
The note information stored in qemu-generated core:
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
NOTE 0x000000000000edd0 0x0000000000000000 0x0000000000000000
0x0000000000000590 0x0000000000000590 0
I think its format is the same as kdump's vmcore. Does kdump-generated core's
virtaddr is always 0? If so, What about to set virt_addr to -1 in qemu-generated
core?
In general, such characteristic should not be used. You should prepare
a solid interface. Even if using them, it should be limited to as
workaround to avoid some issue.
Why not use qemu's CPU state? Include it as note information with good
name, and we can use it to distinguish which. Like:
$ readelf -n vmcore
Notes at offset 0x000001c8 with length 0x00000838:
Owner Data size Description
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
QEMU 0x00000557 Unknown note type: (0x00000000)
Or QEMUCPUState is better?
Thanks.
HATAYAMA, Daisuke
2:36 a.m.
New subject: question about phys_base
At 02/28/2012 02:30 PM, HATAYAMA Daisuke Wrote:
From: Wen Congyang <wency(a)cn.fujitsu.com>
Subject: Re: [Crash-utility] question about phys_base
Date: Tue, 28 Feb 2012 13:10:38 +0800
> At 02/27/2012 10:10 PM, Dave Anderson Wrote:
>>> The guest is in the second kernel(vcpu > 1)
>>> ]# readelf /tmp/vm2.save2 -l| grep 0xffffffff8
>>> LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
>>> LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
>>> LOAD 0x0000000001017be0 0xffffffff81000000 0x0000000001000000
>>> LOAD 0x0000000004017be0 0xffffffff81000000 0x0000000004000000
>>
>> Again, it's not clear why there are multiple segments with the same
>> same virtual address, but I'm guessing that the one segment that starts
>> at 0x0000000004000000 is associated with the second kernel, and the other
>> ones are for vcpus that ran in the first kernel?
>>
>>> The guest is in the second kernel(vcpu = 1)
>>> [root@ghost ~]# readelf /tmp/vm2.save3 -l| grep 0xffffffff8
>>> LOAD 0x0000000004001e4c 0xffffffff81000000 0x0000000004000000
>>>
>>> I donot find differentiate qemu-genetated ELF headers from dump-generated
ELF
>>> headers.
>>
>> Kdump-generated vmcores cannot have multiple START_KERNEL_map segments.
>> But with dumps where (vpcu = 1), there could be confusion since it's not
obvious
>> if START_KERNEL_map region belongs to the first or second kernel.
>>
>> That being the case, I don't see how this can be supported cleanly by the
crash'
>> utility unless there is a NOTE, or some other obvious identifier, that
absolutely
>> confirms that the dumpfile was qemu-generated.
>
> The note information stored in qemu-generated core:
> Program Headers:
> Type Offset VirtAddr PhysAddr
> FileSiz MemSiz Flags Align
> NOTE 0x000000000000edd0 0x0000000000000000 0x0000000000000000
> 0x0000000000000590 0x0000000000000590 0
>
> I think its format is the same as kdump's vmcore. Does kdump-generated
core's
> virtaddr is always 0? If so, What about to set virt_addr to -1 in qemu-generated
> core?
>
In general, such characteristic should not be used. You should prepare
a solid interface. Even if using them, it should be limited to as
workaround to avoid some issue.
Why not use qemu's CPU state? Include it as note information with good
name, and we can use it to distinguish which. Like:
$ readelf -n vmcore
Notes at offset 0x000001c8 with length 0x00000838:
Owner Data size Description
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
QEMU 0x00000557 Unknown note type: (0x00000000)
Or QEMUCPUState is better?
Good idea. I will try it, and hope gdb can also work.
Thanks
Wen Congyang
Thanks.
HATAYAMA, Daisuke
8:14 a.m.
New subject: question about phys_base
From: Wen Congyang <wency(a)cn.fujitsu.com>
Subject: Re: [Crash-utility] question about phys_base
Date: Tue, 28 Feb 2012 16:36:59 +0800
At 02/28/2012 02:30 PM, HATAYAMA Daisuke Wrote:
> From: Wen Congyang <wency(a)cn.fujitsu.com>
> Subject: Re: [Crash-utility] question about phys_base
> Date: Tue, 28 Feb 2012 13:10:38 +0800
>
>> At 02/27/2012 10:10 PM, Dave Anderson Wrote:
>
>>>> The guest is in the second kernel(vcpu > 1)
>>>> ]# readelf /tmp/vm2.save2 -l| grep 0xffffffff8
>>>> LOAD 0x0000000001017be0 0xffffffff81000000
0x0000000001000000
>>>> LOAD 0x0000000001017be0 0xffffffff81000000
0x0000000001000000
>>>> LOAD 0x0000000001017be0 0xffffffff81000000
0x0000000001000000
>>>> LOAD 0x0000000004017be0 0xffffffff81000000
0x0000000004000000
>>>
>>> Again, it's not clear why there are multiple segments with the same
>>> same virtual address, but I'm guessing that the one segment that starts
>>> at 0x0000000004000000 is associated with the second kernel, and the other
>>> ones are for vcpus that ran in the first kernel?
>>>
>>>> The guest is in the second kernel(vcpu = 1)
>>>> [root@ghost ~]# readelf /tmp/vm2.save3 -l| grep 0xffffffff8
>>>> LOAD 0x0000000004001e4c 0xffffffff81000000
0x0000000004000000
>>>>
>>>> I donot find differentiate qemu-genetated ELF headers from dump-generated
ELF
>>>> headers.
>>>
>>> Kdump-generated vmcores cannot have multiple START_KERNEL_map segments.
>>> But with dumps where (vpcu = 1), there could be confusion since it's not
obvious
>>> if START_KERNEL_map region belongs to the first or second kernel.
>>>
>>> That being the case, I don't see how this can be supported cleanly by the
crash'
>>> utility unless there is a NOTE, or some other obvious identifier, that
absolutely
>>> confirms that the dumpfile was qemu-generated.
>>
>> The note information stored in qemu-generated core:
>> Program Headers:
>> Type Offset VirtAddr PhysAddr
>> FileSiz MemSiz Flags Align
>> NOTE 0x000000000000edd0 0x0000000000000000 0x0000000000000000
>> 0x0000000000000590 0x0000000000000590 0
>>
>> I think its format is the same as kdump's vmcore. Does kdump-generated
core's
>> virtaddr is always 0? If so, What about to set virt_addr to -1 in qemu-generated
>> core?
>>
>
> In general, such characteristic should not be used. You should prepare
> a solid interface. Even if using them, it should be limited to as
> workaround to avoid some issue.
>
> Why not use qemu's CPU state? Include it as note information with good
> name, and we can use it to distinguish which. Like:
>
> $ readelf -n vmcore
>
> Notes at offset 0x000001c8 with length 0x00000838:
> Owner Data size Description
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> QEMU 0x00000557 Unknown note type: (0x00000000)
>
> Or QEMUCPUState is better?
Good idea. I will try it, and hope gdb can also work.
Tools basically ignore unknown notes. Looking into gdb, it appears to
ignore unknown information.
static bfd_boolean
elfcore_grok_note (bfd *abfd, Elf_Internal_Note *note)
{
const struct elf_backend_data *bed = get_elf_backend_data (abfd);
switch (note->type)
{
default:
return TRUE;
<cut>
You might need to add new command to output contents of new note if
it's necessary.
Thanks.
HATAYAMA, Daisuke
3:04 a.m.
New subject: question about phys_base
At 02/28/2012 04:52 PM, HATAYAMA Daisuke Wrote:
From: Wen Congyang <wency(a)cn.fujitsu.com>
Subject: Re: [Crash-utility] question about phys_base
Date: Tue, 28 Feb 2012 16:36:59 +0800
> At 02/28/2012 02:30 PM, HATAYAMA Daisuke Wrote:
>> From: Wen Congyang <wency(a)cn.fujitsu.com>
>> Subject: Re: [Crash-utility] question about phys_base
>> Date: Tue, 28 Feb 2012 13:10:38 +0800
>>
>>> At 02/27/2012 10:10 PM, Dave Anderson Wrote:
>>
>>>>> The guest is in the second kernel(vcpu > 1)
>>>>> ]# readelf /tmp/vm2.save2 -l| grep 0xffffffff8
>>>>> LOAD 0x0000000001017be0 0xffffffff81000000
0x0000000001000000
>>>>> LOAD 0x0000000001017be0 0xffffffff81000000
0x0000000001000000
>>>>> LOAD 0x0000000001017be0 0xffffffff81000000
0x0000000001000000
>>>>> LOAD 0x0000000004017be0 0xffffffff81000000
0x0000000004000000
>>>>
>>>> Again, it's not clear why there are multiple segments with the same
>>>> same virtual address, but I'm guessing that the one segment that
starts
>>>> at 0x0000000004000000 is associated with the second kernel, and the
other
>>>> ones are for vcpus that ran in the first kernel?
>>>>
>>>>> The guest is in the second kernel(vcpu = 1)
>>>>> [root@ghost ~]# readelf /tmp/vm2.save3 -l| grep 0xffffffff8
>>>>> LOAD 0x0000000004001e4c 0xffffffff81000000
0x0000000004000000
>>>>>
>>>>> I donot find differentiate qemu-genetated ELF headers from
dump-generated ELF
>>>>> headers.
>>>>
>>>> Kdump-generated vmcores cannot have multiple START_KERNEL_map segments.
>>>> But with dumps where (vpcu = 1), there could be confusion since it's
not obvious
>>>> if START_KERNEL_map region belongs to the first or second kernel.
>>>>
>>>> That being the case, I don't see how this can be supported cleanly by
the crash'
>>>> utility unless there is a NOTE, or some other obvious identifier, that
absolutely
>>>> confirms that the dumpfile was qemu-generated.
>>>
>>> The note information stored in qemu-generated core:
>>> Program Headers:
>>> Type Offset VirtAddr PhysAddr
>>> FileSiz MemSiz Flags Align
>>> NOTE 0x000000000000edd0 0x0000000000000000 0x0000000000000000
>>> 0x0000000000000590 0x0000000000000590 0
>>>
>>> I think its format is the same as kdump's vmcore. Does kdump-generated
core's
>>> virtaddr is always 0? If so, What about to set virt_addr to -1 in
qemu-generated
>>> core?
>>>
>>
>> In general, such characteristic should not be used. You should prepare
>> a solid interface. Even if using them, it should be limited to as
>> workaround to avoid some issue.
>>
>> Why not use qemu's CPU state? Include it as note information with good
>> name, and we can use it to distinguish which. Like:
>>
>> $ readelf -n vmcore
>>
>> Notes at offset 0x000001c8 with length 0x00000838:
>> Owner Data size Description
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> QEMU 0x00000557 Unknown note type: (0x00000000)
>>
>> Or QEMUCPUState is better?
>
> Good idea. I will try it, and hope gdb can also work.
>
Tools basically ignore unknown notes. Looking into gdb, it appears to
ignore unknown information.
static bfd_boolean
elfcore_grok_note (bfd *abfd, Elf_Internal_Note *note)
{
const struct elf_backend_data *bed = get_elf_backend_data (abfd);
switch (note->type)
{
default:
return TRUE;
<cut>
You might need to add new command to output contents of new note if
it's necessary.
My goal is:
1. gdb uses NT_PRSTATUS, and can work well
2. crash uses unknown notes, and can get phys_base from it.
Another question:
What is QEMUCPUState? I donot find its definition?
What note->type shoule be for "QEMU"? If we choose an unused value, the
value may be used in the future.
Thanks
Wen Congyang
Thanks.
HATAYAMA, Daisuke
8:44 a.m.
New subject: question about phys_base
----- Original Message -----
At 02/28/2012 04:52 PM, HATAYAMA Daisuke Wrote:
>>> In general, such characteristic should not be used. You
should prepare
>>> a solid interface. Even if using them, it should be limited to as
>>> workaround to avoid some issue.
>>>
>>> Why not use qemu's CPU state? Include it as note information with good
>>> name, and we can use it to distinguish which. Like:
>>>
>>> $ readelf -n vmcore
>>>
>>> Notes at offset 0x000001c8 with length 0x00000838:
>>> Owner Data size Description
>>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>>> QEMU 0x00000557 Unknown note type: (0x00000000)
>>>
>>> Or QEMUCPUState is better?
>>
>> Good idea. I will try it, and hope gdb can also work.
>>
>
> Tools basically ignore unknown notes. Looking into gdb, it appears to
> ignore unknown information.
>
> static bfd_boolean
> elfcore_grok_note (bfd *abfd, Elf_Internal_Note *note)
> {
> const struct elf_backend_data *bed = get_elf_backend_data (abfd);
>
> switch (note->type)
> {
> default:
> return TRUE;
> <cut>
>
> You might need to add new command to output contents of new note if
> it's necessary.
My goal is:
1. gdb uses NT_PRSTATUS, and can work well
2. crash uses unknown notes, and can get phys_base from it.
Another question:
What is QEMUCPUState? I donot find its definition?
It's just the note's name character string. Either "QEMU",
"QEMUCPUState",
or whatever unique character string you prefer would suffice.
What note->type shoule be for "QEMU"? If we choose an
unused value, the
value may be used in the future.
Why not do the same thing as the "VMCOREINFO" note, and leave it
as an "illegal/unknown" type of 0::
$ cat /usr/include/elf.h
... [ cut ] ...
/* Legal values for note segment descriptor types for core files. */
#define NT_PRSTATUS 1 /* Contains copy of prstatus struct */
#define NT_FPREGSET 2 /* Contains copy of fpregset struct */
#define NT_PRPSINFO 3 /* Contains copy of prpsinfo struct */
...
$
$ readelf -a vmcore
... [ cut ] ...
Notes at offset 0x00000190 with length 0x00000f1c:
Owner Data size Description
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
VMCOREINFO 0x000003e4 Unknown note type: (0x00000000)
$
Dave
8:14 a.m.
New subject: question about phys_base
From: Dave Anderson <anderson(a)redhat.com>
Subject: Re: [Crash-utility] question about phys_base
Date: Tue, 28 Feb 2012 09:44:09 -0500 (EST)
----- Original Message -----
> At 02/28/2012 04:52 PM, HATAYAMA Daisuke Wrote:
> >>> In general, such characteristic should not be used. You should prepare
> >>> a solid interface. Even if using them, it should be limited to as
> >>> workaround to avoid some issue.
> >>>
> >>> Why not use qemu's CPU state? Include it as note information with
good
> >>> name, and we can use it to distinguish which. Like:
> >>>
> >>> $ readelf -n vmcore
> >>>
> >>> Notes at offset 0x000001c8 with length 0x00000838:
> >>> Owner Data size Description
> >>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> >>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> >>> QEMU 0x00000557 Unknown note type: (0x00000000)
> >>>
> >>> Or QEMUCPUState is better?
> >>
> >> Good idea. I will try it, and hope gdb can also work.
> >>
> >
> > Tools basically ignore unknown notes. Looking into gdb, it appears to
> > ignore unknown information.
> >
> > static bfd_boolean
> > elfcore_grok_note (bfd *abfd, Elf_Internal_Note *note)
> > {
> > const struct elf_backend_data *bed = get_elf_backend_data (abfd);
> >
> > switch (note->type)
> > {
> > default:
> > return TRUE;
> > <cut>
> >
> > You might need to add new command to output contents of new note if
> > it's necessary.
>
> My goal is:
> 1. gdb uses NT_PRSTATUS, and can work well
> 2. crash uses unknown notes, and can get phys_base from it.
>
> Another question:
>
> What is QEMUCPUState? I donot find its definition?
It's just the note's name character string. Either "QEMU",
"QEMUCPUState",
or whatever unique character string you prefer would suffice.
> What note->type shoule be for "QEMU"? If we choose an unused value, the
> value may be used in the future.
Why not do the same thing as the "VMCOREINFO" note, and leave it
as an "illegal/unknown" type of 0::
$ cat /usr/include/elf.h
... [ cut ] ...
/* Legal values for note segment descriptor types for core files. */
#define NT_PRSTATUS 1 /* Contains copy of prstatus struct */
#define NT_FPREGSET 2 /* Contains copy of fpregset struct */
#define NT_PRPSINFO 3 /* Contains copy of prpsinfo struct */
...
$
$ readelf -a vmcore
... [ cut ] ...
Notes at offset 0x00000190 with length 0x00000f1c:
Owner Data size Description
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
VMCOREINFO 0x000003e4 Unknown note type: (0x00000000)
$
It looks OK to me for now.
But rigorously, it might be better to give it a name QEMU and then
prepare variety of information such as NT_CPUSTATE and others to be
needed later.
Thanks.
HATAYAMA, Daisuke
12:01 a.m.
New subject: question about phys_base
At 02/29/2012 09:04 AM, HATAYAMA Daisuke Wrote:
From: Dave Anderson <anderson(a)redhat.com>
Subject: Re: [Crash-utility] question about phys_base
Date: Tue, 28 Feb 2012 09:44:09 -0500 (EST)
>
>
> ----- Original Message -----
>> At 02/28/2012 04:52 PM, HATAYAMA Daisuke Wrote:
>
>>>>> In general, such characteristic should not be used. You should
prepare
>>>>> a solid interface. Even if using them, it should be limited to as
>>>>> workaround to avoid some issue.
>>>>>
>>>>> Why not use qemu's CPU state? Include it as note information with
good
>>>>> name, and we can use it to distinguish which. Like:
>>>>>
>>>>> $ readelf -n vmcore
>>>>>
>>>>> Notes at offset 0x000001c8 with length 0x00000838:
>>>>> Owner Data size Description
>>>>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>>>>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>>>>> QEMU 0x00000557 Unknown note type: (0x00000000)
>>>>>
>>>>> Or QEMUCPUState is better?
>>>>
>>>> Good idea. I will try it, and hope gdb can also work.
>>>>
>>>
>>> Tools basically ignore unknown notes. Looking into gdb, it appears to
>>> ignore unknown information.
>>>
>>> static bfd_boolean
>>> elfcore_grok_note (bfd *abfd, Elf_Internal_Note *note)
>>> {
>>> const struct elf_backend_data *bed = get_elf_backend_data (abfd);
>>>
>>> switch (note->type)
>>> {
>>> default:
>>> return TRUE;
>>> <cut>
>>>
>>> You might need to add new command to output contents of new note if
>>> it's necessary.
>>
>> My goal is:
>> 1. gdb uses NT_PRSTATUS, and can work well
>> 2. crash uses unknown notes, and can get phys_base from it.
>>
>> Another question:
>>
>> What is QEMUCPUState? I donot find its definition?
>
> It's just the note's name character string. Either "QEMU",
"QEMUCPUState",
> or whatever unique character string you prefer would suffice.
>
>> What note->type shoule be for "QEMU"? If we choose an unused value,
the
>> value may be used in the future.
>
> Why not do the same thing as the "VMCOREINFO" note, and leave it
> as an "illegal/unknown" type of 0::
>
> $ cat /usr/include/elf.h
> ... [ cut ] ...
>
> /* Legal values for note segment descriptor types for core files. */
>
> #define NT_PRSTATUS 1 /* Contains copy of prstatus struct */
> #define NT_FPREGSET 2 /* Contains copy of fpregset struct */
> #define NT_PRPSINFO 3 /* Contains copy of prpsinfo struct */
> ...
> $
>
> $ readelf -a vmcore
> ... [ cut ] ...
>
> Notes at offset 0x00000190 with length 0x00000f1c:
> Owner Data size Description
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
> VMCOREINFO 0x000003e4 Unknown note type: (0x00000000)
> $
>
It looks OK to me for now.
But rigorously, it might be better to give it a name QEMU and then
prepare variety of information such as NT_CPUSTATE and others to be
needed later.
I see. I think we should decide what information should be stored in QEMUCPUState.
The CPUState in qemu cannot be used directly, because it may be changed in the furture.
I think all CPU register should be stored in QEMUCPUState. Do we need other information?
Thanks
Wen Congyang
Thanks.
HATAYAMA, Daisuke
8:14 a.m.
New subject: question about phys_base
From: Wen Congyang <wency(a)cn.fujitsu.com>
Subject: Re: [Crash-utility] question about phys_base
Date: Wed, 29 Feb 2012 14:01:44 +0800
At 02/29/2012 09:04 AM, HATAYAMA Daisuke Wrote:
> From: Dave Anderson <anderson(a)redhat.com>
> Subject: Re: [Crash-utility] question about phys_base
> Date: Tue, 28 Feb 2012 09:44:09 -0500 (EST)
>
>>
>>
>> ----- Original Message -----
>>> At 02/28/2012 04:52 PM, HATAYAMA Daisuke Wrote:
>>
>>>>>> In general, such characteristic should not be used. You should
prepare
>>>>>> a solid interface. Even if using them, it should be limited to
as
>>>>>> workaround to avoid some issue.
>>>>>>
>>>>>> Why not use qemu's CPU state? Include it as note information
with good
>>>>>> name, and we can use it to distinguish which. Like:
>>>>>>
>>>>>> $ readelf -n vmcore
>>>>>>
>>>>>> Notes at offset 0x000001c8 with length 0x00000838:
>>>>>> Owner Data size Description
>>>>>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>>>>>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>>>>>> QEMU 0x00000557 Unknown note type: (0x00000000)
>>>>>>
>>>>>> Or QEMUCPUState is better?
>>>>>
>>>>> Good idea. I will try it, and hope gdb can also work.
>>>>>
>>>>
>>>> Tools basically ignore unknown notes. Looking into gdb, it appears to
>>>> ignore unknown information.
>>>>
>>>> static bfd_boolean
>>>> elfcore_grok_note (bfd *abfd, Elf_Internal_Note *note)
>>>> {
>>>> const struct elf_backend_data *bed = get_elf_backend_data (abfd);
>>>>
>>>> switch (note->type)
>>>> {
>>>> default:
>>>> return TRUE;
>>>> <cut>
>>>>
>>>> You might need to add new command to output contents of new note if
>>>> it's necessary.
>>>
>>> My goal is:
>>> 1. gdb uses NT_PRSTATUS, and can work well
>>> 2. crash uses unknown notes, and can get phys_base from it.
>>>
>>> Another question:
>>>
>>> What is QEMUCPUState? I donot find its definition?
>>
>> It's just the note's name character string. Either "QEMU",
"QEMUCPUState",
>> or whatever unique character string you prefer would suffice.
>>
>>> What note->type shoule be for "QEMU"? If we choose an unused
value, the
>>> value may be used in the future.
>>
>> Why not do the same thing as the "VMCOREINFO" note, and leave it
>> as an "illegal/unknown" type of 0::
>>
>> $ cat /usr/include/elf.h
>> ... [ cut ] ...
>>
>> /* Legal values for note segment descriptor types for core files. */
>>
>> #define NT_PRSTATUS 1 /* Contains copy of prstatus struct */
>> #define NT_FPREGSET 2 /* Contains copy of fpregset struct */
>> #define NT_PRPSINFO 3 /* Contains copy of prpsinfo struct */
>> ...
>> $
>>
>> $ readelf -a vmcore
>> ... [ cut ] ...
>>
>> Notes at offset 0x00000190 with length 0x00000f1c:
>> Owner Data size Description
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>> VMCOREINFO 0x000003e4 Unknown note type: (0x00000000)
>> $
>>
>
> It looks OK to me for now.
>
> But rigorously, it might be better to give it a name QEMU and then
> prepare variety of information such as NT_CPUSTATE and others to be
> needed later.
I see. I think we should decide what information should be stored in QEMUCPUState.
The CPUState in qemu cannot be used directly, because it may be changed in the furture.
I think all CPU register should be stored in QEMUCPUState. Do we need other information?
For future incompatibility of CPUState, I think it useful to design
note information so that what kinds of values are contained there, for
example, by appending versions indicating that uniquely in the
begginning of the data.
Now the things I come up with are the CPUState only. I think it's
better for you to make the question on qemu mailing list too.
Thanks.
HATAYAMA, Daisuke
8:14 a.m.
New subject: question about phys_base
From: Wen Congyang <wency(a)cn.fujitsu.com>
Subject: Re: [Crash-utility] question about phys_base
Date: Tue, 28 Feb 2012 17:04:30 +0800
At 02/28/2012 04:52 PM, HATAYAMA Daisuke Wrote:
> From: Wen Congyang <wency(a)cn.fujitsu.com>
> Subject: Re: [Crash-utility] question about phys_base
> Date: Tue, 28 Feb 2012 16:36:59 +0800
>
>> At 02/28/2012 02:30 PM, HATAYAMA Daisuke Wrote:
>>> From: Wen Congyang <wency(a)cn.fujitsu.com>
>>> Subject: Re: [Crash-utility] question about phys_base
>>> Date: Tue, 28 Feb 2012 13:10:38 +0800
>>>
>>>> At 02/27/2012 10:10 PM, Dave Anderson Wrote:
>>>
>>>>>> The guest is in the second kernel(vcpu > 1)
>>>>>> ]# readelf /tmp/vm2.save2 -l| grep 0xffffffff8
>>>>>> LOAD 0x0000000001017be0 0xffffffff81000000
0x0000000001000000
>>>>>> LOAD 0x0000000001017be0 0xffffffff81000000
0x0000000001000000
>>>>>> LOAD 0x0000000001017be0 0xffffffff81000000
0x0000000001000000
>>>>>> LOAD 0x0000000004017be0 0xffffffff81000000
0x0000000004000000
>>>>>
>>>>> Again, it's not clear why there are multiple segments with the
same
>>>>> same virtual address, but I'm guessing that the one segment that
starts
>>>>> at 0x0000000004000000 is associated with the second kernel, and the
other
>>>>> ones are for vcpus that ran in the first kernel?
>>>>>
>>>>>> The guest is in the second kernel(vcpu = 1)
>>>>>> [root@ghost ~]# readelf /tmp/vm2.save3 -l| grep 0xffffffff8
>>>>>> LOAD 0x0000000004001e4c 0xffffffff81000000
0x0000000004000000
>>>>>>
>>>>>> I donot find differentiate qemu-genetated ELF headers from
dump-generated ELF
>>>>>> headers.
>>>>>
>>>>> Kdump-generated vmcores cannot have multiple START_KERNEL_map
segments.
>>>>> But with dumps where (vpcu = 1), there could be confusion since
it's not obvious
>>>>> if START_KERNEL_map region belongs to the first or second kernel.
>>>>>
>>>>> That being the case, I don't see how this can be supported
cleanly by the crash'
>>>>> utility unless there is a NOTE, or some other obvious identifier,
that absolutely
>>>>> confirms that the dumpfile was qemu-generated.
>>>>
>>>> The note information stored in qemu-generated core:
>>>> Program Headers:
>>>> Type Offset VirtAddr PhysAddr
>>>> FileSiz MemSiz Flags Align
>>>> NOTE 0x000000000000edd0 0x0000000000000000
0x0000000000000000
>>>> 0x0000000000000590 0x0000000000000590 0
>>>>
>>>> I think its format is the same as kdump's vmcore. Does
kdump-generated core's
>>>> virtaddr is always 0? If so, What about to set virt_addr to -1 in
qemu-generated
>>>> core?
>>>>
>>>
>>> In general, such characteristic should not be used. You should prepare
>>> a solid interface. Even if using them, it should be limited to as
>>> workaround to avoid some issue.
>>>
>>> Why not use qemu's CPU state? Include it as note information with good
>>> name, and we can use it to distinguish which. Like:
>>>
>>> $ readelf -n vmcore
>>>
>>> Notes at offset 0x000001c8 with length 0x00000838:
>>> Owner Data size Description
>>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>>> CORE 0x00000150 NT_PRSTATUS (prstatus structure)
>>> QEMU 0x00000557 Unknown note type: (0x00000000)
>>>
>>> Or QEMUCPUState is better?
>>
>> Good idea. I will try it, and hope gdb can also work.
>>
>
> Tools basically ignore unknown notes. Looking into gdb, it appears to
> ignore unknown information.
>
> static bfd_boolean
> elfcore_grok_note (bfd *abfd, Elf_Internal_Note *note)
> {
> const struct elf_backend_data *bed = get_elf_backend_data (abfd);
>
> switch (note->type)
> {
> default:
> return TRUE;
> <cut>
>
> You might need to add new command to output contents of new note if
> it's necessary.
My goal is:
1. gdb uses NT_PRSTATUS, and can work well
2. crash uses unknown notes, and can get phys_base from it.
Another question:
What is QEMUCPUState? I donot find its definition?
What note->type shoule be for "QEMU"? If we choose an unused value, the
value may be used in the future.
For QEMUCPUState, I mean CPUState type information in qemu. It has
machine state information and is very useful for debugging. QEMU
maintainer says it's necessary and I thought adding this note is
natural story.
If adding this in dumpfile, we can at least do the same thing as
kvmdump to calculate phys_base.
To make this note as meaningful as we can say ``gdb works well'',
command to display CPUState is needed. Just like registers command.
(gdb) info registers
rax 0x10 16
rbx 0x63 99
rcx 0x1194 4500
rdx 0x0 0
rsi 0x0 0
rdi 0x63 99
rbp 0xffff88012187be48 0xffff88012187be48
rsp 0xffff88012187be48 0xffff88012187be48
r8 0x0 0
r9 0xffffffffffffffff -1
r10 0xffff88013fc06000 -131936030793728
These values can be referenced with notation $rax, so it would be
happier if able to do the same thing for QEMUCPUState, but not
definite if too complicated to implement.
That's all for idea I have for gdb now.
Thanks.
HATAYAMA, Daisuke
370
days inactive
4658
days old
devel@lists.crash-utility.osci.io
16 comments
3 participants
participants (3)
-
Dave Anderson -
HATAYAMA Daisuke -
Wen Congyang