[Crash-utility] 32 bit linux-2.6.24-git8 user_regs_struct change breaks opening kdump crashfiles

Tue Nov 18 15:42:16 UTC 2008

----- "Joe Porter" <joe.porter at ccur.com> wrote:
> On Mon, 2008-11-17 at 15:30 -0500, Dave Anderson wrote:
> > Does the new kernel that has the name changes end up using the
> > initial attempts to set the size, esp and ebp offsets?  Or does
> > it always end up using the "if (!VALID_STRUCT())" section?  It's
> > only going to use one or the other, depending upon whether the
> > user_regs_struct gets exported-to/included-in the debuginfo data.
> 
> I did a binary search on all the kernels between 2.6.23 and
> 2.6.28-rc?.
> 
> It was pretty clear that we were always going to get into this after
> 2.6.24-git8.
> 

Hi Joe,

Sorry -- I didn't make myself clear enough in my question.

What I meant was: did the original code in the crash x86_init()
fall into the "if" clause here:

                if (!VALID_STRUCT(user_regs_struct)) {
                        /*  Use this hardwired version -- sometimes the
                         *  debuginfo doesn't pick this up even though
                         *  it exists in the kernel; it shouldn't change.
                         */

Since the offset values and structure size required shouldn't have changed
(even though the names did), I'm presuming that x86_init() did *not* fall
into that code, because if it did, the offsets and size values would have
been assigned, and you wouldn't have seen the ultimate error.  So my
guess is that the user_regs_struct *is* in the debuginfo of the new
kernel.  That's what I'm trying to confirm here.  In other words, if
you do this:

 # gdb vmlinux
 ...
 (gdb) ptype struct user_regs_struct

does it know about the structure?  If it does, then all the changes
you made in the "if" part of the patch are not required.

> After I figured out the names changed, I didn't take it any further
> than
> what you see in the patch.
> 
> When I dropped in the new x86_user_regs_struct, the code wouldn't
> build
> without making the two little changes to the MEMBER_OFFSET_INIT
> calls.
> 
> There were a lot of related changes to the elf core code and also in
> the 64 bit user_regs_struct.
> 
> I assume the 64 bit kdump crashfiles still work either because the
> crash
> initialization code differs or because the 32 bit elf core stuff
> changed
> to cause the !VALID_STRUCT() call to come back true.

The x86_64 would use x86_64_init() instead of x86_init(), so it's
irrelevant.  And the x86_64 code doesn't care about those fields.

> 
> I'm really not very familiar with crash and kdump.
> 
> I'll attach a git7-git8 diff of some of the related code from
> asm-x86.
> 
> I guess any final fix would need to take into account guarding
> against
> any other future changes like this ... if one could reasonably do so.
> 
> I won't have much time to delve into it any more for at least a few
> more
> weeks.

I appreciate your time -- sorry to drag you down into my world. 
(Please forgive an old "ccur.com" guy...)

Thanks,
  Dave