Re: [PATCH] Fix "vm -M" option to properly display virtual memory data of the task

HAGIO KAZUHITO(萩尾 一仁) <k-hagio-ab@xxxxxxx> · Fri, 17 Mar 2023 02:26:28 +0000

On 2023/03/17 11:12, lijiang wrote:
> Hi, Kazu
> Thank you for the comment.
> On Fri, Mar 17, 2023 at 9:02 AM HAGIO KAZUHITO(萩尾　一仁) <k-hagio-ab@xxxxxxx <mailto:k-hagio-ab@xxxxxxx>> wrote:
> 
>     Hi Lianbo,
> 
>     On 2023/03/15 18:07, Lianbo Jiang wrote:
>      > The help/man page of the "vm" command suggests that the "-M" option
>      > accepts the mm_struct address as a valid argument. However, the "vm
>      > -M" option always prints the virtual memory data of the current
>      > task, regardless of its arguments.
> 
>     I think that it's the intended behavior, isn't it?
> 
>                -M mm  if the mm_struct address has been removed from the task_struct
>                       of an exiting task, the virtual memory data cannot be displayed.
>                       However, if the address can be determined from the kernel stack,
>                       it can be entered manually in order to try to resurrect the
>                       virtual memory data of the task.
> 
> They are not the same issues.
> 
> For the live debugging, take the sshd as an example:
> 
> Without the patch:
> crash> ps |grep sshd
>       1159       1   3  ffff9915858a9980  IN   0.1    15820     9020  sshd
> 51573    1159   2  ffff991572868000  IN   0.1    18916    11168  sshd
>      51595   51573   2  ffff991575026600  IN   0.0    18784     6892  sshd
> crash> vm -M ffff991572868000
> PID: 51727    TASK: ffff9914465cb300  CPU: 0    COMMAND: "crash"   <------not a correct result

No, I meant that this is correct.  Let me explain,

(1) The "-M mm" option accepts an *mm_struct* address.
(2) The specified mm is enabled only when the mm_struct address has been
removedfrom the task_struct, i.e. mm = 0.

So we can emulate that situation e.g. with kthreadd (pid=2) like this:

crash> vm 1
PID: 1        TASK: ffff900b41599840  CPU: 11   COMMAND: "systemd"
        MM               PGD          RSS    TOTAL_VM
ffff9019ff0e3f00  ffff9019ffc10000  12516k  250328k
       VMA           START       END     FLAGS FILE
ffff900c94de2488 55e2c48d1000 55e2c4a13000 8000875 /usr/lib/systemd/systemd
...

crash> vm 2
PID: 2        TASK: ffff900b4159b080  CPU: 2    COMMAND: "kthreadd"
        MM               PGD          RSS    TOTAL_VM
        0                 0            0k       0k
       ^^^
crash> vm 2 -M ffff9019ff0e3f00  <<-- systemd's mm
PID: 2        TASK: ffff900b4159b080  CPU: 2    COMMAND: "kthreadd"
        MM               PGD          RSS    TOTAL_VM
        0                 0            0k       0k
       VMA           START       END     FLAGS FILE
ffff900c94de2488 55e2c48d1000 55e2c4a13000 8000875 /usr/lib/systemd/systemd

I think this is the expected usage of the "-M mm" option.

Thanks,
Kazu
--
Crash-utility mailing list
Crash-utility@xxxxxxxxxx
https://listman.redhat.com/mailman/listinfo/crash-utility
Contribution Guidelines: https://github.com/crash-utility/crash/wiki