libdrgn: program: detect QEMU guest memory dumps without VMCOREINFO

osandov · osandov · commit 2bd861f719a4 · 2022-06-28T00:41:05.000-07:00
Issue osandov#182 reported that a core dump created by QEMU's dump-guest-memory command confuses drgn: by default, it only has NT_PRSTATUS notes and QEMU state notes for each CPU, so drgn thinks it's a userspace core dump, and it doesn't have the necessary VMCOREINFO to use it as a Linux kernel core dump. It turns out that QEMU and Linux can cooperate to add a VMCOREINFO note to the guest memory dump, which suffices for drgn. Let's detect a QEMU guest memory dump without a VMCOREINFO note and include instructions on how to capture a QEMU dump that makes drgn happy. Signed-off-by: Omar Sandoval <osandov@osandov.com>
diff --git a/libdrgn/program.c b/libdrgn/program.c
@@ -236,6 +236,7 @@ drgn_program_set_core_dump(struct drgn_program *prog, const char *path)
 	size_t phnum, i;
 	size_t num_file_segments, j;
 	bool have_phys_addrs = false;
+	bool have_qemu_note = false;
 	const char *vmcoreinfo_note = NULL;
 	size_t vmcoreinfo_size = 0;
 	bool have_nt_taskstruct = false, is_proc_kcore;
@@ -355,6 +356,10 @@ drgn_program_set_core_dump(struct drgn_program *prog, const char *path)
 					 * may be valid.
 					 */
 					have_phys_addrs = true;
+				} else if (nhdr.n_namesz == sizeof("QEMU") &&
+					   memcmp(name, "QEMU",
+						  sizeof("QEMU")) == 0) {
+					have_qemu_note = true;
 				}
 			}
 		}
@@ -525,6 +530,15 @@ drgn_program_set_core_dump(struct drgn_program *prog, const char *path)
 		prog->core = NULL;
 	} else if (vmcoreinfo_note) {
 		prog->flags |= DRGN_PROGRAM_IS_LINUX_KERNEL;
+	} else if (have_qemu_note) {
+		err = drgn_error_create(DRGN_ERROR_INVALID_ARGUMENT,
+					"unrecognized QEMU memory dump; "
+					"for Linux guests, run QEMU with '-device vmcoreinfo', "
+					"compile the kernel with CONFIG_CRASH_CORE and CONFIG_FW_CFG, "
+					"and load the qemu_fw_cfg kernel module "
+					"before dumping the guest memory "
+					"(requires Linux >= 4.17 and QEMU >= 2.11)");
+		goto out_segments;
 	}
 	if (prog->flags & DRGN_PROGRAM_IS_LINUX_KERNEL) {
 		err = drgn_program_add_object_finder(prog,
