Hello,
I maintain drgn [1], a debugger for the Linux kernel. I ran into a quirk
of the NT_PRSTATUS note in kernel core dumps [2], so I looked into how
QEMU's dump-guest-memory command generates NT_PRSTATUS. I noticed that
on most architectures, the note's PID field is set to the CPU ID plus 1.
There are two exceptions: on s390x, there's an endianness bug (it's not
byte swapped if the host is little endian), and on ppc, it's not set at
all (it defaults to zero). They're both easy fixes.
Thanks,
Omar
1: https://github.com/osandov/drgn
2: https://github.com/osandov/drgn/issues/404
Omar Sandoval (2):
target/s390x/arch_dump: use correct byte order for pid
target/ppc/arch_dump: set prstatus pid to cpuid
target/ppc/arch_dump.c | 21 ++++++++++++---------
target/s390x/arch_dump.c | 2 +-
2 files changed, 13 insertions(+), 10 deletions(-)