[Fwd: [Crash-utility] crash warnings]
Dave Anderson
anderson at redhat.com
Thu May 4 19:08:14 UTC 2006
Dave Anderson wrote:
> David Wilder wrote:
>
>>
>> crash -d 2 gave me the header..
>> Elf64_Phdr:
>> p_type: 4 (PT_NOTE)
>> p_offset: 288 (120)
>> p_vaddr: 0
>> p_paddr: 0
>> p_filesz: 1048 (418)
>> p_memsz: 1048 (418)
>> p_flags: 0 ()
>> p_align: 0
>> Elf64_Phdr:
>> p_type: 1 (PT_LOAD)
>> p_offset: 1336 (538)
>> p_vaddr: c000000000000000
>> p_paddr: 0
>> p_filesz: 32768 (8000)
>> p_memsz: 32768 (8000)
>> p_flags: 7 (PF_X|PF_W|PF_R)
>> p_align: 0
>> Elf64_Phdr:
>> p_type: 1 (PT_LOAD)
>> p_offset: 34104 (8538)
>> p_vaddr: c000000000008000
>> p_paddr: 8000
>> p_filesz: 33521663 (1ff7fff)
>> p_memsz: 33521663 (1ff7fff)
>> p_flags: 7 (PF_X|PF_W|PF_R)
>> p_align: 0
>> Elf64_Phdr:
>> p_type: 1 (PT_LOAD)
>> p_offset: 33555767 (2000537)
>> p_vaddr: c00000002fd0f001
>> p_paddr: 2fd0f001
>> p_filesz: 3492745215 (d02f0fff)
>> p_memsz: 3492745215 (d02f0fff)
>> p_flags: 7 (PF_X|PF_W|PF_R)
>> p_align: 0
>>
>> Looks like that address is in a hole between PT_LOAD segments 2 and 3.
>
> Right, but something is fundamentally wrong with your
> vmcore:
>
> p_paddr p_filesz
> First segment: 0 8000
> Second segment: 8000 1ff7fff
> Third segment: 2fd0f001 d02f0fff
>
> It cannot have a p_paddr address that is not page-aligned,
> nor can you have a p_filesz that is not page-aligned.
>
> Dave
Vivek et al,
Have there been any recent changes to the kdump code
that might cause strange PT_LOAD segment contents?
In addition to Dave Wilder's vmcore above, I also note that
in Badari's recent x86_64 vmcore, there is a PT_LOAD segment
that also has a non-page-aligned p_filesz:
# readelf -a vmcore
ELF Header:
Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: CORE (Core file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x0
Start of program headers: 64 (bytes into file)
Start of section headers: 0 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 5
Size of section headers: 0 (bytes)
Number of section headers: 0
Section header string table index: 0
There are no sections in this file.
There are no section groups in this file.
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
NOTE 0x0000000000000158 0x0000000000000000 0x0000000000000000
0x00000000000002c8 0x00000000000002c8 0
LOAD 0x0000000000000420 0xffffffff80000000 0x0000000000000000
0x00000000000a0000 0x00000000000a0000 RWE 0
LOAD 0x00000000000a0420 0xffffffff80100000 0x0000000000100000
0x0000000000f00000 0x0000000000f00000 RWE 0
LOAD 0x0000000000fa0420 0xffff810005000000 0x0000000005000000
0x00000000d2fcca80 0x00000000d2fcca80 RWE 0
LOAD 0x00000000d3f6cea0 0xffff810100000000 0x0000000100000000
0x0000000028000000 0x0000000028000000 RWE 0
There is no dynamic section in this file.
There are no relocations in this file.
There are no unwind sections in this file.
No version information found in this file.
Notes at offset 0x00000158 with length 0x000002c8:
Owner Data size Description
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
CORE 0x00000150 NT_PRSTATUS (prstatus structure)
#
A p_filesz/p_memsz of 0x00000000d2fcca80 cannot be correct.
Dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/crash-utility/attachments/20060504/83fa8ad1/attachment.htm>
More information about the Crash-utility
mailing list