[PATCH 2/4] vmcoreinfo: export task and mm struct offsets to vmcoreinfo
From: Pnina Feder
Date: Mon Jun 22 2026 - 17:17:05 EST
Export the struct offsets and sizes needed by the vmcore-tasks tool
to walk task lists, extract register state, and enumerate VMAs from
a vmcore dump. This includes offsets into task_struct, mm_struct,
vm_area_struct, and related structures that are not already covered
by existing vmcoreinfo exports.
Signed-off-by: Pnina Feder <pnina.feder@xxxxxxxxxxxx>
---
.../admin-guide/kdump/vmcoreinfo.rst | 77 +++++++++++++++++++
kernel/vmcore_info.c | 60 +++++++++++++++
2 files changed, 137 insertions(+)
diff --git a/Documentation/admin-guide/kdump/vmcoreinfo.rst b/Documentation/admin-guide/kdump/vmcoreinfo.rst
index 7663c610fe90..36103b3cdc05 100644
--- a/Documentation/admin-guide/kdump/vmcoreinfo.rst
+++ b/Documentation/admin-guide/kdump/vmcoreinfo.rst
@@ -594,3 +594,80 @@ va_kernel_pa_offset
Indicates the offset between the kernel virtual and physical mappings.
Used to translate virtual to physical addresses.
+
+Task and VMA metadata
+=====================
+
+The following vmcoreinfo entries export struct offsets and sizes needed
+to walk task lists, extract register state, and enumerate VMAs from a
+vmcore dump without requiring kernel debug symbols (DWARF/BTF). Used by
+the vmcore-tasks userspace tool for lightweight post-mortem crash
+analysis.
+
+init_task
+---------
+
+The address of the initial task (swapper). Used as the starting point
+to walk the circular task list via the tasks member.
+
+(task_struct, tasks)|(task_struct, pid)|(task_struct, tgid)|(task_struct, comm)|(task_struct, mm)|(task_struct, stack)|(task_struct, signal)|(task_struct, flags)|(task_struct, __state)|(task_struct, exit_state)|(task_struct, thread_node)
+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+
+Offsets into task_struct needed to extract per-task metadata: process
+name, PID/TGID, task state, kernel stack pointer, mm_struct pointer,
+signal_struct pointer, and thread group linkage.
+
+(signal_struct, thread_head)|(signal_struct, nr_threads)
+--------------------------------------------------------
+
+Offsets into signal_struct for walking the thread group list and
+determining the number of threads.
+
+(mm_struct, mm_mt)|(mm_struct, pgd)|(mm_struct, start_brk)|(mm_struct, brk)|(mm_struct, start_stack)
+----------------------------------------------------------------------------------------------------
+
+Offsets into mm_struct for accessing the VMA maple tree, page global
+directory, and memory layout boundaries.
+
+Maple tree internals
+--------------------
+
+Offsets for maple_tree, maple_node, maple_range_64, maple_arange_64,
+and maple_metadata structures. These are needed to walk the maple tree
+that stores VMAs (mm_struct.mm_mt) from a vmcore dump.
+
+(vm_area_struct, vm_start)|(vm_area_struct, vm_end)|(vm_area_struct, vm_flags)|(vm_area_struct, vm_file)|(vm_area_struct, vm_mm)
+-------------------------------------------------------------------------------------------------------------------------------
+
+Offsets into vm_area_struct for extracting VMA boundaries, permissions,
+backing file, and owning mm_struct.
+
+(file, f_path)|(path, dentry)|(dentry, d_name)|(dentry, d_parent)|(qstr, hash_len)|(qstr, name)
+------------------------------------------------------------------------------------------------
+
+Offsets for traversing file -> path -> dentry -> name to reconstruct
+the filename backing a VMA.
+
+THREAD_SIZE
+-----------
+
+The size of the kernel stack. Used to locate the pt_regs saved at the
+top of the kernel stack for each task.
+
+(ucontext, uc_mcontext)
+-----------------------
+
+Offset of the machine context within struct ucontext. Used to locate
+saved registers within a signal frame.
+
+__NR_rt_sigreturn
+-----------------
+
+The rt_sigreturn syscall number. Used to identify signal frame return
+trampolines on the user stack during backtrace reconstruction.
+
+CONFIG_PGTABLE_LEVELS|PMD_SHIFT|PGDIR_SHIFT
+--------------------------------------------
+
+Page table geometry constants. Used for walking page tables to translate
+user virtual addresses to physical addresses in a vmcore dump.
diff --git a/kernel/vmcore_info.c b/kernel/vmcore_info.c
index 8614430ca212..f963274ab1a2 100644
--- a/kernel/vmcore_info.c
+++ b/kernel/vmcore_info.c
@@ -17,6 +17,7 @@
#include <asm/page.h>
#include <asm/sections.h>
+#include <asm/ucontext.h>
#include "kallsyms_internal.h"
#include "kexec_internal.h"
@@ -244,6 +245,65 @@ static int __init crash_save_vmcoreinfo_init(void)
VMCOREINFO_SYMBOL(kallsyms_offsets);
#endif /* CONFIG_KALLSYMS */
+ VMCOREINFO_SYMBOL(init_task);
+ VMCOREINFO_STRUCT_SIZE(task_struct);
+ VMCOREINFO_OFFSET(task_struct, tasks);
+ VMCOREINFO_OFFSET(task_struct, thread_node);
+ VMCOREINFO_OFFSET(task_struct, pid);
+ VMCOREINFO_OFFSET(task_struct, tgid);
+ VMCOREINFO_OFFSET(task_struct, exit_state);
+ VMCOREINFO_OFFSET(task_struct, __state);
+ VMCOREINFO_OFFSET(task_struct, flags);
+ VMCOREINFO_OFFSET(task_struct, comm);
+ VMCOREINFO_OFFSET(task_struct, stack);
+ VMCOREINFO_OFFSET(task_struct, signal);
+ VMCOREINFO_OFFSET(signal_struct, thread_head);
+ VMCOREINFO_OFFSET(signal_struct, nr_threads);
+ VMCOREINFO_OFFSET(task_struct, mm);
+ VMCOREINFO_STRUCT_SIZE(mm_struct);
+ VMCOREINFO_OFFSET(mm_struct, mm_mt);
+ VMCOREINFO_OFFSET(mm_struct, pgd);
+ VMCOREINFO_OFFSET(mm_struct, start_brk);
+ VMCOREINFO_OFFSET(mm_struct, brk);
+ VMCOREINFO_OFFSET(mm_struct, start_stack);
+ VMCOREINFO_STRUCT_SIZE(maple_tree);
+ VMCOREINFO_OFFSET(maple_tree, ma_root);
+ VMCOREINFO_OFFSET(maple_tree, ma_flags);
+ VMCOREINFO_STRUCT_SIZE(maple_node);
+ VMCOREINFO_OFFSET(maple_node, slot);
+ VMCOREINFO_OFFSET(maple_node, parent);
+ VMCOREINFO_OFFSET(maple_node, ma64);
+ VMCOREINFO_OFFSET(maple_node, mr64);
+ VMCOREINFO_OFFSET(maple_range_64, pivot);
+ VMCOREINFO_OFFSET(maple_range_64, slot);
+ VMCOREINFO_OFFSET(maple_metadata, end);
+ VMCOREINFO_OFFSET(maple_metadata, gap);
+ VMCOREINFO_OFFSET(maple_arange_64, pivot);
+ VMCOREINFO_OFFSET(maple_arange_64, slot);
+ VMCOREINFO_OFFSET(maple_arange_64, gap);
+ VMCOREINFO_OFFSET(maple_arange_64, meta);
+ VMCOREINFO_STRUCT_SIZE(vm_area_struct);
+ VMCOREINFO_OFFSET(vm_area_struct, vm_start);
+ VMCOREINFO_OFFSET(vm_area_struct, vm_end);
+ VMCOREINFO_OFFSET(vm_area_struct, vm_flags);
+ VMCOREINFO_OFFSET(vm_area_struct, vm_file);
+ VMCOREINFO_OFFSET(vm_area_struct, vm_mm);
+ VMCOREINFO_STRUCT_SIZE(file);
+ VMCOREINFO_OFFSET(file, f_path);
+ VMCOREINFO_OFFSET(path, dentry);
+ VMCOREINFO_STRUCT_SIZE(dentry);
+ VMCOREINFO_OFFSET(dentry, d_name);
+ VMCOREINFO_OFFSET(dentry, d_parent);
+ VMCOREINFO_OFFSET(qstr, hash_len);
+ VMCOREINFO_OFFSET(qstr, name);
+ VMCOREINFO_NUMBER(THREAD_SIZE);
+ VMCOREINFO_STRUCT_SIZE(pt_regs);
+ VMCOREINFO_OFFSET(ucontext, uc_mcontext);
+ VMCOREINFO_NUMBER(__NR_rt_sigreturn);
+ VMCOREINFO_NUMBER(CONFIG_PGTABLE_LEVELS);
+ VMCOREINFO_NUMBER(PMD_SHIFT);
+ VMCOREINFO_NUMBER(PGDIR_SHIFT);
+
arch_crash_save_vmcoreinfo();
update_vmcoreinfo_note();
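Review bot: The page-table geometry exported at the end of the hunk (`VMCOREINFO_NUMBER(CONFIG_PGTABLE_LEVELS)`, `PMD_SHIFT`, `PGDIR_SHIFT`) is not enough for a consumer to walk 4- or 5-level tables, because `PUD_SHIFT` and `P4D_SHIFT` are not exported, and on x86 built with CONFIG_X86_5LEVEL the Kconfig value is 5 even when the kernel booted in 4-level mode (the x86 arch hook already exports a runtime `pgtable_l5_enabled` number for this reason, if I recall correctly). Either add `VMCOREINFO_NUMBER(PUD_SHIFT);` and `VMCOREINFO_NUMBER(P4D_SHIFT);` here, or move the arch-dependent entries — these shifts, `THREAD_SIZE`, `__NR_rt_sigreturn`, `(ucontext, uc_mcontext)` and `STRUCT_SIZE(pt_regs)` — into `arch_crash_save_vmcoreinfo()` where each architecture can export what its stack and signal-frame layout actually needs; a generic consumer that assumes pt_regs sits at `stack + THREAD_SIZE - sizeof(pt_regs)` will be off on architectures that pad the top of the kernel stack (x86's TOP_OF_KERNEL_STACK_PADDING, for instance). `VMCOREINFO_STRUCT_SIZE(pt_regs)` and the other `STRUCT_SIZE` entries are also not listed in the vmcoreinfo.rst section added by this patch; the documentation should name them, since a tool parsing the note will look for `SIZE(pt_regs)` by name. Grouping the two `signal_struct` offsets after `VMCOREINFO_OFFSET(task_struct, mm)` rather than in the middle of the task_struct run would also make the list easier to audit against the documentation. The enclosing `crash_save_vmcoreinfo_init()` begins before this hunk.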
--
2.43.0