Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sdb should detect vmlinux version from crash dump #286

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

PaulZ-98
Copy link
Contributor

@PaulZ-98 PaulZ-98 commented May 17, 2022

= Problem

sdb does not automatically determine the vmlinux file from the crash dump
#41

= Solution

When a crash dump is supplied but the vmlinux file is not supplied on the command line, parse the crash dump to find the OS version, then scan /usr/lib/debug and /root for the vmlinux file matching that version. This follows the solution proposed by @prakashsurya. Other options require changes outside of sdb/drgn.

root@ub-20:~/sdb_detect/sdb# sdb -s /root/objs /root/dump-orig/dump.202102031354
sdb using ['/root/dumps/vmlinux-5.8.0-41-generic'] auto-detected from core file
sdb>

Tested with a core referencing a vmlinux that can be found in /root or /usr/lib/debug, and with one that is not located in /root or /usr/lib/debug. Tested existing method of specifying the actual vmlinux still works.

Closes #41

@ahrens ahrens requested a review from sdimitro May 22, 2022 22:47
Comment on lines +198 to +206
def is_core(filename: str) -> bool:
"""
Parse beginning of the given file to see if it starts with 'KDUMP'
"""
match = "KDUMP"
for s in strings(filename, len(match), 64):
if s.startswith(match):
return True
return False
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a bit hacky. How about we use the Python API of https://github.com/ptesarik/libkdumpfile to first check if it is a valid kdump file and then use query its build-id parameter/property to get our matching?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you give me some hints on which API calls I could use? I'm not able to find a clean way to do this with libkdumpfile.

@dlpx-tfc-github-manager dlpx-tfc-github-manager bot deleted the branch delphix:master January 5, 2023 22:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

how to determine which "vmlinux" to use when working with kernel dumps?
2 participants