326 строки
10 KiB
Plaintext
326 строки
10 KiB
Plaintext
================================================================
|
|
Documentation for Kdump - The kexec-based Crash Dumping Solution
|
|
================================================================
|
|
|
|
This document includes overview, setup and installation, and analysis
|
|
information.
|
|
|
|
Overview
|
|
========
|
|
|
|
Kdump uses kexec to quickly boot to a dump-capture kernel whenever a
|
|
dump of the system kernel's memory needs to be taken (for example, when
|
|
the system panics). The system kernel's memory image is preserved across
|
|
the reboot and is accessible to the dump-capture kernel.
|
|
|
|
You can use common Linux commands, such as cp and scp, to copy the
|
|
memory image to a dump file on the local disk, or across the network to
|
|
a remote system.
|
|
|
|
Kdump and kexec are currently supported on the x86, x86_64, and ppc64
|
|
architectures.
|
|
|
|
When the system kernel boots, it reserves a small section of memory for
|
|
the dump-capture kernel. This ensures that ongoing Direct Memory Access
|
|
(DMA) from the system kernel does not corrupt the dump-capture kernel.
|
|
The kexec -p command loads the dump-capture kernel into this reserved
|
|
memory.
|
|
|
|
On x86 machines, the first 640 KB of physical memory is needed to boot,
|
|
regardless of where the kernel loads. Therefore, kexec backs up this
|
|
region just before rebooting into the dump-capture kernel.
|
|
|
|
All of the necessary information about the system kernel's core image is
|
|
encoded in the ELF format, and stored in a reserved area of memory
|
|
before a crash. The physical address of the start of the ELF header is
|
|
passed to the dump-capture kernel through the elfcorehdr= boot
|
|
parameter.
|
|
|
|
With the dump-capture kernel, you can access the memory image, or "old
|
|
memory," in two ways:
|
|
|
|
- Through a /dev/oldmem device interface. A capture utility can read the
|
|
device file and write out the memory in raw format. This is a raw dump
|
|
of memory. Analysis and capture tools must be intelligent enough to
|
|
determine where to look for the right information.
|
|
|
|
- Through /proc/vmcore. This exports the dump as an ELF-format file that
|
|
you can write out using file copy commands such as cp or scp. Further,
|
|
you can use analysis tools such as the GNU Debugger (GDB) and the Crash
|
|
tool to debug the dump file. This method ensures that the dump pages are
|
|
correctly ordered.
|
|
|
|
|
|
Setup and Installation
|
|
======================
|
|
|
|
Install kexec-tools and the Kdump patch
|
|
---------------------------------------
|
|
|
|
1) Login as the root user.
|
|
|
|
2) Download the kexec-tools user-space package from the following URL:
|
|
|
|
http://www.xmission.com/~ebiederm/files/kexec/kexec-tools-1.101.tar.gz
|
|
|
|
3) Unpack the tarball with the tar command, as follows:
|
|
|
|
tar xvpzf kexec-tools-1.101.tar.gz
|
|
|
|
4) Download the latest consolidated Kdump patch from the following URL:
|
|
|
|
http://lse.sourceforge.net/kdump/
|
|
|
|
(This location is being used until all the user-space Kdump patches
|
|
are integrated with the kexec-tools package.)
|
|
|
|
5) Change to the kexec-tools-1.101 directory, as follows:
|
|
|
|
cd kexec-tools-1.101
|
|
|
|
6) Apply the consolidated patch to the kexec-tools-1.101 source tree
|
|
with the patch command, as follows. (Modify the path to the downloaded
|
|
patch as necessary.)
|
|
|
|
patch -p1 < /path-to-kdump-patch/kexec-tools-1.101-kdump.patch
|
|
|
|
7) Configure the package, as follows:
|
|
|
|
./configure
|
|
|
|
8) Compile the package, as follows:
|
|
|
|
make
|
|
|
|
9) Install the package, as follows:
|
|
|
|
make install
|
|
|
|
|
|
Download and build the system and dump-capture kernels
|
|
------------------------------------------------------
|
|
|
|
Download the mainline (vanilla) kernel source code (2.6.13-rc1 or newer)
|
|
from http://www.kernel.org. Two kernels must be built: a system kernel
|
|
and a dump-capture kernel. Use the following steps to configure these
|
|
kernels with the necessary kexec and Kdump features:
|
|
|
|
System kernel
|
|
-------------
|
|
|
|
1) Enable "kexec system call" in "Processor type and features."
|
|
|
|
CONFIG_KEXEC=y
|
|
|
|
2) Enable "sysfs file system support" in "Filesystem" -> "Pseudo
|
|
filesystems." This is usually enabled by default.
|
|
|
|
CONFIG_SYSFS=y
|
|
|
|
Note that "sysfs file system support" might not appear in the "Pseudo
|
|
filesystems" menu if "Configure standard kernel features (for small
|
|
systems)" is not enabled in "General Setup." In this case, check the
|
|
.config file itself to ensure that sysfs is turned on, as follows:
|
|
|
|
grep 'CONFIG_SYSFS' .config
|
|
|
|
3) Enable "Compile the kernel with debug info" in "Kernel hacking."
|
|
|
|
CONFIG_DEBUG_INFO=Y
|
|
|
|
This causes the kernel to be built with debug symbols. The dump
|
|
analysis tools require a vmlinux with debug symbols in order to read
|
|
and analyze a dump file.
|
|
|
|
4) Make and install the kernel and its modules. Update the boot loader
|
|
(such as grub, yaboot, or lilo) configuration files as necessary.
|
|
|
|
5) Boot the system kernel with the boot parameter "crashkernel=Y@X",
|
|
where Y specifies how much memory to reserve for the dump-capture kernel
|
|
and X specifies the beginning of this reserved memory. For example,
|
|
"crashkernel=64M@16M" tells the system kernel to reserve 64 MB of memory
|
|
starting at physical address 0x01000000 for the dump-capture kernel.
|
|
|
|
On x86 and x86_64, use "crashkernel=64M@16M".
|
|
|
|
On ppc64, use "crashkernel=128M@32M".
|
|
|
|
|
|
The dump-capture kernel
|
|
-----------------------
|
|
|
|
1) Under "General setup," append "-kdump" to the current string in
|
|
"Local version."
|
|
|
|
2) On x86, enable high memory support under "Processor type and
|
|
features":
|
|
|
|
CONFIG_HIGHMEM64G=y
|
|
or
|
|
CONFIG_HIGHMEM4G
|
|
|
|
3) On x86 and x86_64, disable symmetric multi-processing support
|
|
under "Processor type and features":
|
|
|
|
CONFIG_SMP=n
|
|
(If CONFIG_SMP=y, then specify maxcpus=1 on the kernel command line
|
|
when loading the dump-capture kernel, see section "Load the Dump-capture
|
|
Kernel".)
|
|
|
|
4) On ppc64, disable NUMA support and enable EMBEDDED support:
|
|
|
|
CONFIG_NUMA=n
|
|
CONFIG_EMBEDDED=y
|
|
CONFIG_EEH=N for the dump-capture kernel
|
|
|
|
5) Enable "kernel crash dumps" support under "Processor type and
|
|
features":
|
|
|
|
CONFIG_CRASH_DUMP=y
|
|
|
|
6) Use a suitable value for "Physical address where the kernel is
|
|
loaded" (under "Processor type and features"). This only appears when
|
|
"kernel crash dumps" is enabled. By default this value is 0x1000000
|
|
(16MB). It should be the same as X in the "crashkernel=Y@X" boot
|
|
parameter discussed above.
|
|
|
|
On x86 and x86_64, use "CONFIG_PHYSICAL_START=0x1000000".
|
|
|
|
On ppc64 the value is automatically set at 32MB when
|
|
CONFIG_CRASH_DUMP is set.
|
|
|
|
6) Optionally enable "/proc/vmcore support" under "Filesystems" ->
|
|
"Pseudo filesystems".
|
|
|
|
CONFIG_PROC_VMCORE=y
|
|
(CONFIG_PROC_VMCORE is set by default when CONFIG_CRASH_DUMP is selected.)
|
|
|
|
7) Make and install the kernel and its modules. DO NOT add this kernel
|
|
to the boot loader configuration files.
|
|
|
|
|
|
Load the Dump-capture Kernel
|
|
============================
|
|
|
|
After booting to the system kernel, load the dump-capture kernel using
|
|
the following command:
|
|
|
|
kexec -p <dump-capture-kernel> \
|
|
--initrd=<initrd-for-dump-capture-kernel> --args-linux \
|
|
--append="root=<root-dev> init 1 irqpoll"
|
|
|
|
|
|
Notes on loading the dump-capture kernel:
|
|
|
|
* <dump-capture-kernel> must be a vmlinux image (that is, an
|
|
uncompressed ELF image). bzImage does not work at this time.
|
|
|
|
* By default, the ELF headers are stored in ELF64 format to support
|
|
systems with more than 4GB memory. The --elf32-core-headers option can
|
|
be used to force the generation of ELF32 headers. This is necessary
|
|
because GDB currently cannot open vmcore files with ELF64 headers on
|
|
32-bit systems. ELF32 headers can be used on non-PAE systems (that is,
|
|
less than 4GB of memory).
|
|
|
|
* The "irqpoll" boot parameter reduces driver initialization failures
|
|
due to shared interrupts in the dump-capture kernel.
|
|
|
|
* You must specify <root-dev> in the format corresponding to the root
|
|
device name in the output of mount command.
|
|
|
|
* "init 1" boots the dump-capture kernel into single-user mode without
|
|
networking. If you want networking, use "init 3."
|
|
|
|
|
|
Kernel Panic
|
|
============
|
|
|
|
After successfully loading the dump-capture kernel as previously
|
|
described, the system will reboot into the dump-capture kernel if a
|
|
system crash is triggered. Trigger points are located in panic(),
|
|
die(), die_nmi() and in the sysrq handler (ALT-SysRq-c).
|
|
|
|
The following conditions will execute a crash trigger point:
|
|
|
|
If a hard lockup is detected and "NMI watchdog" is configured, the system
|
|
will boot into the dump-capture kernel ( die_nmi() ).
|
|
|
|
If die() is called, and it happens to be a thread with pid 0 or 1, or die()
|
|
is called inside interrupt context or die() is called and panic_on_oops is set,
|
|
the system will boot into the dump-capture kernel.
|
|
|
|
On powererpc systems when a soft-reset is generated, die() is called by all cpus and the system will boot into the dump-capture kernel.
|
|
|
|
For testing purposes, you can trigger a crash by using "ALT-SysRq-c",
|
|
"echo c > /proc/sysrq-trigger or write a module to force the panic.
|
|
|
|
Write Out the Dump File
|
|
=======================
|
|
|
|
After the dump-capture kernel is booted, write out the dump file with
|
|
the following command:
|
|
|
|
cp /proc/vmcore <dump-file>
|
|
|
|
You can also access dumped memory as a /dev/oldmem device for a linear
|
|
and raw view. To create the device, use the following command:
|
|
|
|
mknod /dev/oldmem c 1 12
|
|
|
|
Use the dd command with suitable options for count, bs, and skip to
|
|
access specific portions of the dump.
|
|
|
|
To see the entire memory, use the following command:
|
|
|
|
dd if=/dev/oldmem of=oldmem.001
|
|
|
|
|
|
Analysis
|
|
========
|
|
|
|
Before analyzing the dump image, you should reboot into a stable kernel.
|
|
|
|
You can do limited analysis using GDB on the dump file copied out of
|
|
/proc/vmcore. Use the debug vmlinux built with -g and run the following
|
|
command:
|
|
|
|
gdb vmlinux <dump-file>
|
|
|
|
Stack trace for the task on processor 0, register display, and memory
|
|
display work fine.
|
|
|
|
Note: GDB cannot analyze core files generated in ELF64 format for x86.
|
|
On systems with a maximum of 4GB of memory, you can generate
|
|
ELF32-format headers using the --elf32-core-headers kernel option on the
|
|
dump kernel.
|
|
|
|
You can also use the Crash utility to analyze dump files in Kdump
|
|
format. Crash is available on Dave Anderson's site at the following URL:
|
|
|
|
http://people.redhat.com/~anderson/
|
|
|
|
|
|
To Do
|
|
=====
|
|
|
|
1) Provide a kernel pages filtering mechanism, so core file size is not
|
|
extreme on systems with huge memory banks.
|
|
|
|
2) Relocatable kernel can help in maintaining multiple kernels for
|
|
crash_dump, and the same kernel as the system kernel can be used to
|
|
capture the dump.
|
|
|
|
|
|
Contact
|
|
=======
|
|
|
|
Vivek Goyal (vgoyal@in.ibm.com)
|
|
Maneesh Soni (maneesh@in.ibm.com)
|
|
|
|
|
|
Trademark
|
|
=========
|
|
|
|
Linux is a trademark of Linus Torvalds in the United States, other
|
|
countries, or both.
|