Anyone interested in core dumps for EFI?

Anyone interested in core dumps for EFI?

[Andrew Fish]

I was mucking around making a mach-O core dump file and it turned out to be a little easier than I thought once I figured out the magic. The reality is it is constructed a lot like an executable. I'm assuming on the gcc and ELF side it would be similar. I've got no clue how it works on Windows.

I basically wrote an lldb Python debugger function that takes a register dump and a list of memory ranges and it makes a core dump that you can read into lldb. The tricky bit is figuring out what to dump. I figured out how to find the stack that was in use (hint: top of stack is derived from rounding backward from the oldest frames frame pointer). If you have the stack frame you can find the load address and size of all the PE/COFF images referenced in the frame. Thus the stack + PE/COFF images in the frame becomes the simple core dump, and you get locals, globals, code. So far so good, but the problem comes in when you try and figure out the malloc'ed memory.....

I'm guessing in PEI getting access to the PHIT HOB (EFI_HOB_HANDOFF_INFO_TABLE) and knowing the range of the XIP code in FVs would be the really useful info you need. In DXE you kind of need the memory map. The interesting thing about DXE is you don't really really care about the memory types as it is really just a do you need it kind of decision. I also guess if your memory reads are fast enough you can trade off dumping unused memory to remove fragmentation from the list. 

It kind of feels like we would need to update the DebugAgentLib so there is a path to communicate the memory regions that need to be dumped. I guess it might be possible to have the CpuExceptionHandlerLib do a core dump, but it is going to run into the same issue that you really need to know the memory ranges to dump. 

Seemed like an interesting topic to think about....

Thanks,

Andrew Fish