This is the mail archive of the gdb@sourceware.org mailing list for the GDB project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

gdb on Linux Kernel dumps (gdb-kdump)


Hello,

as was discussed at Andreas Arnez's talk during the GNU Cauldron 2015,
it would be nice to be able to work with Linux kernel dumps using the
ordinary gdb.  Linux kernel dumps may appear in multiple formats
(KDUMP/DISKDUMP being most efficient, but LKCD, Xen, .vmss, ... are
possible as well), while gdb does understand almost only the usual ELF.

The only tool to work with those dumps is crash-utility, which in fact
has an older version of gdb embedded in, yet doesn't use it effectively,
is not able to work multiarch, etc.

My colleagues and myself have explored the ways how to enable gdb to
open kdumps, and as a result, Petr Tesarik introduced a whole new
library "libkdumpfile", not only able to open the dumps in various
formats, but furthermore doing the virtual to physical memory mapping
(which gdb doesn't do).

My efforts resulted in a fork of gdb called "gdb-kdump". This one adds a
new target called "kdump", which uses libkdumpfile to access specified
kernel dump.  For each task from the dumped kernel a new gdb's thread
structure is created.  Currently it implements two commands "kdump ps"
which prints out the tasks, and "kdump modules /some/path" which does
find and load debuginfo files for the modules loaded in the dumped
kernel.

The gdb-kdump should be considered rather as a proof of concept, yet it
shows that enabling the kdumps in gdb should be principally easy. It is
able to open the x86_64 and s390x kdumps. I'd imagine that most of the
commands of the crash-utility could be reimplemented using the gdb's
Python interface.

The projects reside on github:

* https://github.com/ptesarik/libkdumpfile

* https://github.com/alesax/gdb-kdump

The example session looks like that:

------------------------------------------------------------------+
ales@pixla:~/dump1> gdb vmlinux.debug                             |
GNU gdb (GDB) 7.10                                                |
[...]                                                             |
For help, type "help".                                            |
Type "apropos word" to search for commands related to "word"...   |
Reading symbols from vmlinux.debug...done.                        |
(gdb) target kdump vmcore                                         |
Loaded processes: 346                                             |
(gdb) thread 322                                                  |
[Switching to thread 322 (pid 17626)]                             |
#0  worker_thread (__worker=<optimized out>)                      |
    at /usr/src/debug/kernel-default-3.0.101/linux-3.0/kernel/work|
(gdb) bt f                                                        |
#0  worker_thread (__worker=<optimized out>)                      |
    at /usr/src/debug/kernel-default-3.0.101/linux-3.0/kernel/work|
        worker = <unavailable>                                    |
        gcwq = (struct global_cwq*) 0xffff8807f6900c40            |
#1  0xffffffff810829a6 in kthread (_create=<optimized out>)       |
    at /usr/src/debug/kernel-default-3.0.101/linux-3.0/kernel/kthr|
        threadfn = 0xffffffff8107e4c0 <worker_thread>             |
        data = 0xffff8807f6900c40                                 |
        self = {should_stop = 0, data = 0xffff8807f6900c40, exited|
                    raw_lock = {slock = 0}}}}, task_list = {next =|
                prev = (struct list_head*) 0xffff8807cc0e9f10}}}} |
        ret = <optimized out>                                     |
#2  0xffffffff8146b164 in kernel_thread_helper ()                 |
------------------------------------------------------------------+

We'd be thankful for any comments!

--
Ales Novak
SUSE L3


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]