Examining Page Tables in Kernel Crash Dumps (amd64)
John Baldwin
jhb at freebsd.org
Thu Dec 24 17:25:45 UTC 2015
On Tuesday, December 22, 2015 03:59:20 PM Arlie Stephens wrote:
> I'm chasing a bug in an elderly, customized freebsd kernel that appears to
> result in corrupted page tables.
>
> kgdb is not cooperating when I attempt to look at addresses of kernel
> page tables. I've replicated that part on an elderly stock freebsd
> system, running freebsd 8.4. , and it looks to me like it's probably
> getting that limitation from libkvm.
>
> Obviously I don't expect community help with an ancient freebsd
> issue... particularly one probably caused by our own customizations.
>
> But given the tool chain changes upstream, I don't expect testing with
> whatever kgdb has turned into there to be very relevant ;-(
>
> So far, the only way I know to get a look at kernel page table
> contents in FreeBSD is on live systems with ddb.
>
> I would like to know whether there are any tools I haven't noticed for
> dealing with page tables in crash dumps - or, for that matter, whether
> kgdb is supposed to be able to display the kernel's recursive page
> tables.
>
> Failing that, I may just have to write one ;-) (Or figure out how to
> chase my problem on live systems.)
kgdb depends on libkvm to handle translations of virtual addresses to
offsets in the vmcore file (which is then used by kvm_read to read the
relevant data). On amd64 you can cheat a bit by using direct map
addresses (I use this in my gdb macros to walk the page tables by
hand so I can look at raw PDEs, PTEs, etc.).
(For the macros I use you can look at www.freebsd.org/~jhb/gdb/gdb6.amd64)
Normally you download the files there and do 'source gdb6' which will pull
in gdb6.amd64. The 'pmap_*' macros try to replicate the behavior of the
equivalent functions in pmap.c.
--
John Baldwin
More information about the freebsd-hackers
mailing list