Re: [Qemu-devel] Kernel core dumps from qemu

[Chris Smith]

On Tue, Mar 24, 2009 at 08:08:38PM +0200, Avi Kivity wrote:

> I'd suggest a 'format' argument, so we can extend this later to dump
> in non-ELF formats (the Windows native memory dump format would be
> useful).

No problem.  I was thinking of something similar --

    (qemu) dump | winfmt > win.dmp

or

    (qemu) dump | /usr/bin/gdbfmt > just.like.vmcore

or

    (qemu) dump > raw.elf               [normal case for crash utility]

with qemu providing a dump primitive (just the data) to be dressed up
by tools distributed with qemu, or contributed, or home grown.

The | and > are just to be explicit, it could be prettier.

(gdbfmt would just look up PAGE_OFFSET and alter the elf header.)
(gdbfmt needs a path to System.map, if so, better it than qemu.)

> I suppose the core format handles smp?

I think so.  kdump dumps out the memory and the registers (for each cpu).

memory:

kdump dumps out the physical memory and its virtual addresses.  
It (vmcore.c) is given a list of physical memory addresses and sizes.

qemu has  cpu_physical_memory_rw() -- I think that's the right one --
and page tables.  qemu can dump out the physical memory but without
virtual addresses.

registers:

kdump dumps out the registers, in NT_PRSTATUS notes.  
crash_save_cpu() does this, it's in /usr/src/linux/kernel/kexec.c.
struct prstatus is in  /usr/include/linux/elfcore.h.

For smp, it's one NT_PRSTATUS note per cpu, in the order 0,1,2,...

For qemu's registers in the raw dump, struct prstatus is sort of one
endpoint, it matches kdump's vmcore.  Free tools.

The other endpoint is CPUState.  If some dump format wants something,
it's there, or else qemu doesn't have it.  The dump formatters would
be kind of grizzly, knowing way too much about qemu internals and
targets.  Maybe it should use XML.

Well, no.  Anyway, the dump should provide everything kdump does,
except current->pid for each cpu.  There is no indication what
that is for.