Contents of core dumps (was: Re: fs/binfmt_elf.c:maydump())

From: Daniel Jacobowitz
Date: Tue Jan 02 2007 - 21:02:54 EST

Next message: Stefan Richter: "Re: [2.6 patch] the scheduled IEEE1394_OUI_DB removal"
Previous message: Chen, Kenneth W: "RE: [patch] aio: streamline read events after woken up"
Next in thread: David Miller: "Re: Contents of core dumps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[Please CC, I am not subscribed to lkml.]

On Thu, Apr 06, 2006 at 10:18:07PM -0700, David S. Miller wrote:
> How about something like the following patch? If it's executable
> and not written to, skip it. This would skip the main executable
> image and all text segments of the shared libraries mapped in.

I've been going through GDB test failures (... again...) and I'm down
to a respectably small number on x86_64, but this is one of the
remaining ones. I don't suppose there's been any change since we
discussed this in April?

A refresher for those following along: there's a GDB test that mmaps a
file using MAP_PRIVATE and PROT_WRITE. It expects the contents to end
up in the core dump. Right now, they don't. I can fix the test by
making sure it writes to the mapping, but before I change the test,
I want to raise the question of what _should_ be in a core dump.

I took a peek at what Solaris includes in core dumps. They offer
(not surprisingly) a pile of configuration options. The default is
just about everything except for file-backed shared memory and some
symbol table data - it includes text segments, rodata, anonymous shared
memory, file backed mappings, et cetera. I guess that's another
argument in favor of dumping more. Then you can control it globally,
per process, et cetera.

http://src.opensolaris.org/source/xref/loficc/crypto/usr/src/uts/common/sys/corectl.h

I also checked an AIX manual since there was a reference to SA_FULLDUMP
in the GDB test:

By default, the user data, anonymously mapped regions, and vm_infox
structures are not included in a core dump. This partial core dump
includes the current thread stack, the thread thrdctx structures, the
user structure, and the state of the registers at the time of the
fault. A partial core dump contains sufficient information for a stack
traceback. The size of a core dump can also be limited by the setrlimit
or setrlimit64 subroutine.

To enable a full core dump, set the SA_FULLDUMP flag in the sigaction
subroutine for the signal that is to generate a full core dump. If this
flag is set when the core is dumped, the user data section, vm_infox,
and anonymously mapped region structures are included in the core dump.

Not really sure what that translates to, but it's less than what
Solaris dumps, I think.

Does Linux need knobs for this?

>
> diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
> index 537893a..9ec5c2b 100644
> --- a/fs/binfmt_elf.c
> +++ b/fs/binfmt_elf.c
> @@ -1167,8 +1167,10 @@ static int maydump(struct vm_area_struct
> if (vma->vm_flags & VM_SHARED)
> return vma->vm_file->f_dentry->d_inode->i_nlink == 0;
>
> - /* If it hasn't been written to, don't write it out */
> - if (!vma->anon_vma)
> + /* If it is executable and hasn't been written to,
> + * don't write it out.
> + */
> + if ((vma->vm_flags & VM_EXEC) && !vma->anon_vma)
> return 0;
>
> return 1;
>
>

--
Daniel Jacobowitz
CodeSourcery
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stefan Richter: "Re: [2.6 patch] the scheduled IEEE1394_OUI_DB removal"
Previous message: Chen, Kenneth W: "RE: [patch] aio: streamline read events after woken up"
Next in thread: David Miller: "Re: Contents of core dumps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]