Re: [Crash-utility] question about phys_base

At 02/17/2012 10:20 PM, Dave Anderson Wrote: > > > ----- Original Message ----- >> At 02/17/2012 12:30 AM, Dave Anderson Wrote: > >>>> Yes. Even if the guest is linux, it is still impossible to do it. Because >>>> the guest maybe in the second kernel. >>>> >>>> qemu-dump walks all guest's page table and collect virtual address and >>>> physical address mapping. If the page is not used by guest, the virtual is set >>>> to 0. I create PT_LOAD according to such mapping. So if the guest linux, >>>> there may be a PT_LOAD segment that describes __START_KERNEL_map region. >>>> But the information stored in PT_LOAD maybe for the second. If crash >>>> uses it, crash will see the second kernel, not the first kernel. >>> >>> Just to be clear -- what do you mean by the "second" kernel? Do you >>> mean that a guest kernel crashed guest, and did a kdump operation, >>> and that second kdump kernel failed somehow, and now you're trying >>> to do a "virsh dump" on the kdump kernel? >> >> Yes, the second kernel means kdump kernel. If kdump failed, the user can >> use it to dump the guest's memory. > > OK, so will your code present two different "types" of ELF headers? I donot understand what do you want to say. Do you mean there is two ELF headers in qemu-generated vmcore?