Hi Kazu, On Fri, Nov 28, 2025 at 9:04 PM HAGIO KAZUHITO(萩尾 一仁) <[email protected]> wrote: > > On 2025/11/24 13:46, Tao Liu wrote: > > Kindly ping... Any comments on this? > > Hi Tao, > > I'm sorry for the delay. I think I can look into this next month.
No worries, please take your time :) Thanks, Tao Liu > > Thanks, > Kazu > > > > > Thanks, > > Tao Liu > > > > On Tue, Oct 21, 2025 at 11:24 AM Tao Liu <[email protected]> wrote: > >> > >> A) This patchset will introduce the following features to makedumpfile: > >> > >> 1) Enable eppic script for memory pages filtering. > >> 2) Enable btf and kallsyms for symbol type and address resolving. > >> > >> B) The purpose of the features are: > >> > >> 1) Currently makedumpfile filters mm pages based on page flags, because > >> flags > >> can help to determine one page's usage. But this page-flag-checking > >> method > >> lacks of flexibility in certain cases, e.g. if we want to filter > >> those mm > >> pages occupied by GPU during vmcore dumping due to: > >> > >> a) GPU may be taking a large memory and contains sensitive data; > >> b) GPU mm pages have no relations to kernel crash and useless for > >> vmcore > >> analysis. > >> > >> But there is no GPU mm page specific flags, and apparently we don't > >> need > >> to create one just for kdump use. A programmable filtering tool is > >> more > >> suitable for such cases. In addition, different GPU vendors may use > >> different ways for mm pages allocating, programmable filtering is > >> better > >> than hard coding these GPU specific logics into makedumpfile in this > >> case. > >> > >> 2) Currently makedumpfile already contains a programmable filtering > >> tool, aka > >> eppic script, which allows user to write customized code for data > >> erasing. > >> However it has the following drawbacks: > >> > >> a) cannot do mm page filtering. > >> b) need to access to debuginfo of both kernel and modules, which is > >> not > >> applicable in the 2nd kernel. > >> c) Poor performance, making vmcore dumping time unacceptable (See > >> the following performance testing). > >> > >> makedumpfile need to resolve the dwarf data from debuginfo, to get > >> symbols > >> types and addresses. In recent kernel there are dwarf alternatives > >> such > >> as btf/kallsyms which can be used for this purpose. And btf/kallsyms > >> info > >> are already packed within vmcore, so we can use it directly. > >> > >> With these, this patchset introduces an upgraded eppic, which is based > >> on > >> btf/kallsyms symbol resolving, and is programmable for mm page > >> filtering. > >> The following info shows its usage and performance, please note the > >> tests > >> are performed in 1st kernel: > >> > >> $ time ./makedumpfile -d 31 -l > >> /var/crash/127.0.0.1-2025-06-10-18\:03\:12/vmcore > >> /tmp/dwarf.out -x > >> /lib/debug/lib/modules/6.11.8-300.fc41.x86_64/vmlinux > >> --eppic eppic_scripts/filter_amdgpu_mm_pages.c > >> real 14m6.894s > >> user 4m16.900s > >> sys 9m44.695s > >> > >> $ time ./makedumpfile -d 31 -l > >> /var/crash/127.0.0.1-2025-06-10-18\:03\:12/vmcore > >> /tmp/btf.out --eppic eppic_scripts/filter_amdgpu_mm_pages.c > >> real 0m10.672s > >> user 0m9.270s > >> sys 0m1.130s > >> > >> -rw------- 1 root root 367475074 Jun 10 18:06 btf.out > >> -rw------- 1 root root 367475074 Jun 10 21:05 dwarf.out > >> -rw-rw-rw- 1 root root 387181418 Jun 10 18:03 > >> /var/crash/127.0.0.1-2025-06-10-18:03:12/vmcore > >> > >> C) Discussion: > >> > >> 1) GPU types: Currently only tested with amdgpu's mm page filtering, > >> others > >> are not tested. > >> 2) OS: The code can work on rhel-10+/rhel9.5+ on > >> x86_64/arm64/s390/ppc64. > >> Others are not tested. > >> > >> D) Testing: > >> > >> 1) If you don't want to create your vmcore, you can find a vmcore which > >> I > >> created with amdgpu mm pages unfiltered [1], the amdgpu mm pages are > >> allocated by program [2]. You can use the vmcore in 1st kernel to > >> filter > >> the amdgpu mm pages by the previous performance testing cmdline. To > >> verify the pages are filtered in crash: > >> > >> Unfiltered: > >> crash> search -c "!QAZXSW@#EDC" > >> ffff96b7fa800000: > >> !QAZXSW@#EDCXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX > >> ffff96b87c800000: > >> !QAZXSW@#EDCXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX > >> crash> rd ffff96b7fa800000 > >> ffff96b7fa800000: 405753585a415121 !QAZXSW@ > >> crash> rd ffff96b87c800000 > >> ffff96b87c800000: 405753585a415121 !QAZXSW@ > >> > >> Filtered: > >> crash> search -c "!QAZXSW@#EDC" > >> crash> rd ffff96b7fa800000 > >> rd: page excluded: kernel virtual address: ffff96b7fa800000 type: > >> "64-bit KVADDR" > >> crash> rd ffff96b87c800000 > >> rd: page excluded: kernel virtual address: ffff96b87c800000 type: > >> "64-bit KVADDR" > >> > >> 2) You can use eppic_scripts/print_all_vma.c against an ordinary vmcore > >> to > >> test only btf/kallsyms functions by output all VMAs if no amdgpu > >> vmcores/machine avaliable. > >> > >> [1]: https://people.redhat.com/~ltao/core/ > >> [2]: https://gist.github.com/liutgnu/a8cbce1c666452f1530e1410d1f352df > >> > >> v2 -> v1: > >> > >> 1) Moved maple tree related code(for VMA iteration) into eppic script, so > >> we > >> don't need to port maple tree code to makedumpfile. > >> > >> 2) Reorganized the patchset as follows: > >> > >> --- <common modification> --- > >> 1.Add page filtering function > >> 2.Supporting main() as the entry of eppic script > >> > >> --- <dwarf related modification> --- > >> 3.dwarf_info: Support kernel address randomization > >> 4.dwarf_info: Fix a infinite recursion bug for rust > >> 5.eppic dwarf: support anonymous structs member resolving > >> 6.Enable page filtering for dwarf eppic > >> > >> --- <btf & kallsyms related modification> --- > >> 7.Implement kernel kallsyms resolving > >> 8.Implement kernel btf resolving > >> 9.Implement kernel module's kallsyms resolving > >> 10.Implement kernel module's btf resolving > >> 11.Export necessary btf/kallsyms functions to eppic extension > >> 12.Enable page filtering for btf/kallsyms eppic > >> 13.Docs: Update eppic related entries > >> > >> --- <only for test purpose, don't merge> --- > >> 14.Introducing 2 eppic scripts to test the dwarf/btf eppic extension > >> > >> The modification on dwarf is primary for comparision purpose, that > >> for the same eppic program, mm page filtering should get exact same > >> outputs for dwarf & kallsyms/btf based approaches. If outputs unmatch, > >> this indicates bugs. In fact, we will never take dwarf mm pages > >> filtering > >> in real use, due to its poor performance as well as inaccessibility > >> of debuginfo during kdump in 2nd kernel. So patch 3/4/5 won't affect > >> the function of btf/kallsyms eppic mm page filtering, but there are > >> functions shared in patch 6, so it is a must-have one. Patch 14 is > >> only for test purpose, to demonstrate how to write eppic script for > >> mm page filtering, so it isn't a must-have patch. > >> > >> Please note, in patch 14, I have deliberately converted all array > >> operation into pointer operation, e.g. modified "node->slot[i]" into > >> "*((unsigned long *)&(node->slot) + i)". This is because there are > >> bugs for array operation support in extension_eppic.c. I didn't have > >> effort to test and fix them all because as I mentioned previously, > >> mm page filtering in dwarf side is only for comparision and will > >> never be used in real use. There is no such issue for kallsyms/btf > >> eppic side. > >> > >> 3) Since we ported maple tree code to eppic script, several bugs found > >> both for eppic library & eppic btf support. Please use master branch > >> of eppic library to co-compile with this patchset. > >> > >> Tao Liu (14): > >> Add page filtering function > >> Supporting main() as the entry of eppic script > >> dwarf_info: Support kernel address randomization > >> dwarf_info: Fix a infinite recursion bug for rust > >> eppic dwarf: support anonymous structs member resolving > >> Enable page filtering for dwarf eppic > >> Implement kernel kallsyms resolving > >> Implement kernel btf resolving > >> Implement kernel module's kallsyms resolving > >> Implement kernel module's btf resolving > >> Export necessary btf/kallsyms functions to eppic extension > >> Enable page filtering for btf/kallsyms eppic > >> Docs: Update eppic related entries > >> Introducing 2 eppic scripts to test the dwarf/btf eppic extension > >> > >> Makefile | 6 +- > >> btf.c | 919 +++++++++++++++++++++++++ > >> btf.h | 177 +++++ > >> dwarf_info.c | 7 + > >> eppic_scripts/filter_amdgpu_mm_pages.c | 255 +++++++ > >> eppic_scripts/print_all_vma.c | 239 +++++++ > >> erase_info.c | 120 +++- > >> erase_info.h | 19 + > >> extension_btf.c | 258 +++++++ > >> extension_eppic.c | 106 ++- > >> extension_eppic.h | 6 +- > >> kallsyms.c | 392 +++++++++++ > >> kallsyms.h | 41 ++ > >> makedumpfile.8.in | 24 +- > >> makedumpfile.c | 21 +- > >> makedumpfile.h | 11 + > >> print_info.c | 11 +- > >> 17 files changed, 2550 insertions(+), 62 deletions(-) > >> create mode 100644 btf.c > >> create mode 100644 btf.h > >> create mode 100644 eppic_scripts/filter_amdgpu_mm_pages.c > >> create mode 100644 eppic_scripts/print_all_vma.c > >> create mode 100644 extension_btf.c > >> create mode 100644 kallsyms.c > >> create mode 100644 kallsyms.h > >> > >> -- > >> 2.47.0 > >>
