[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <5152E36D.9030307@redhat.com>
Date: Wed, 27 Mar 2013 13:17:49 +0100
From: Denys Vlasenko <dvlasenk@...hat.com>
To: Daniel Walker <dwalker@...o99.com>
CC: Oleg Nesterov <oleg@...hat.com>, linux-kernel@...r.kernel.org
Subject: Re: ptracing a task from core_pattern pipe
On 03/27/2013 04:26 AM, Daniel Walker wrote:
> On Mon, Mar 25, 2013 at 10:48:07AM +0100, Denys Vlasenko wrote:
>> On 03/19/2013 09:19 PM, Oleg Nesterov wrote:
>>>> The above is regarding the situation which I'm running my corepipe_app ,
>>>> i.e. my system doesn't have a disk to save a core file for parsing.
>>>
>>> Can't you process the data inplace? You do not need to save it to disk.
>>
>> Daniel said:
>>
>>>> I'm trying to get the "dumpers" registers and stack out when it fails.
>>
>> Registers would be easy'ish to get from coredump:
>> they are contained in note sections which are at the beginning
>> of the coredump. You can implement necessary parsing without
>> too much pain.
>>
>> Getting at stack would be harder.
>
> There exists /proc/<pid>/mem and /proc/<pid>/maps on these tasks. If
> those don't work then that's a straight up defect..
>
>> But by asking kernel to allow you to poke around dead task's
>> address space with ptrace() calls you just shift difficulty away from you
>> (today you need to implement in-memory ELF parsing) to kernel people
>> (they will need to implement *and support* ptracing of coredumping
>> tasks).
>>
>> This is somewhat unfair, considering that coredumping code in kernel
>> is already a source of many complications, and that kernel-side coding
>> is harder than userspace.
>>
>> I think you are lucky that ptrace attach even *works* on coredumping task.
>> No documentation ever guaranteed such a thing.
>
> There not much different from userspace between a task running, and one
> dumping..
As I see it, dumping task is past the point where it can enter
ptrace-stops.
It's like asking to ptrace a task which already entered the kernel
via exit(0) syscall and complaining that "it doesn't work".
Of course it does not: a ptrace-stop can happen only after syscall
returns to userspace, and exit() doesn't return.
Coredumping is similar: the task is in kernelspace and
it won't ever return to userspace.
--
vda
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists