about   news   features   install   document   tips   faq   download   link

Alicia User's Guide

Contents
  1. First Step
  2. LDAS

Your first Alicia step-by-step

This section will guide you through the process of making your first LDAS (Linux Dump Analysis Script). Fist of all, please check your environment for dump analysis:

Demo Environment

Uses the dump taken using LKCD during bench mark test (aim7) on ES7000(CPU:Intel Xeon2.8GHz*32,Memory:4GB,OS:kernel 2.4.21-9.35AX) .

kernel version 

$ uname -r
2.4.21-9.30AX

Perl version 

$perl --version
This is perl, v5.8.0 built for 
           :
           :

Perl Modules 

$ perldoc -m Term::ReadKey
#  $Id: ReadKey.pm,v 1.7 2002/07/28 12:01:18 gellyfish Exp $
            :
            :

$ perldoc -m Term::ReadLine::Perl
package Term::ReadLine::Perl;
            :
            :

Crash version 

$ crash -v
crash 3.8-5
            :
            :

Dump data

You need the Linux kernel dump, system map and vmlinux. Kernel dump is taken using LKCD, netdump, diskdump and so on. System map is the table to know the address of kernel symbol (e.g. /boot/System.map ). vmlinux is the uncompressed kernel image that has been compiled with -g option.

If you don't have these files, you may be able to run Alicia using the live memory (e.g. /dev/mem).

Install

Please see install document.

Next steps from here are to run your Alicia.

Running Alicia

$ alicia [mode] [argument according to mode] 
$ alicia -crash -s map vmlinux dump
Alicia 1.0.1 (build: Thu Mar 24 10:41:28 JST 2005)
            :
            :
or 
$ su -
# alicia -crash -s
crash utility opens the live memory using kernel-debuginfo(/usr/lib/debug/lib/modules/) if no arguments. To open the live memory, you must be root user.

Crash tool command 

alicia> sys;

  SYSTEM MAP: map
DEBUG KERNEL: vmlinux (2.4.21-9.35AX.reboot3smp)
    DUMPFILE: dump
        CPUS: 32
        DATE: Sat Oct  9 01:13:21 2004
      UPTIME: 02:04:25
LOAD AVERAGE: 65.99, 754.32, 975.01
       TASKS: 2166
    NODENAME: mlnx1
     RELEASE: 2.4.21-9.35AX.reboot3smp
     VERSION: #1 SMP Wed Sep 15 11:44:07 JST 2004
     MACHINE: i686  (2800 Mhz)
      MEMORY: 3.9 GB
       PANIC: "Fatal exception"

Perl-like fashion 

alicia> $var1 = pass_through('sys');
alicia> print $var1;

  SYSTEM MAP: map
DEBUG KERNEL: vmlinux (2.4.21-9.35AX.reboot3smp)
    DUMPFILE: dump
        CPUS: 32
        DATE: Sat Oct  9 01:13:21 2004
      UPTIME: 02:04:25
LOAD AVERAGE: 65.99, 754.32, 975.01
       TASKS: 2166
    NODENAME: mlnx1
     RELEASE: 2.4.21-9.35AX.reboot3smp
     VERSION: #1 SMP Wed Sep 15 11:44:07 JST 2004
     MACHINE: i686  (2800 Mhz)
      MEMORY: 3.9 GB
       PANIC: "Fatal exception"

alicia> $addr = get_addr 'saved_command_line'
alicia> print map { pack ("V",hex($_)) } get_mem($addr, 32)
ro r/devGrouLogV rhgiet ole=

alicia> $utsname = get_addr('system_utsname');
alicia> print kernel($utsname,  'new_utsname', 'release', 'char *');
2.6.11-1.27_FC3

LDAS (Linux Dump Analysis Script)

How to create Linux Dump Analysis Script (LDAS)

LDAS is just perl script. However, if LDAS you create hasn't been using Alicia's API, you cannot access the dump data.
Here is an example that sorts the result of "ps" command by physical memory. The ps command reports process state. 
sub psmem {
    my ($text, @pss, $header, @mps);
    $text = pass_through('ps');
    $text =~ s/>/ /g;
    @pss = split(/\n/, $text);
    $header = shift @pss;
    @mps = sort { (split(/\s+/,$b))[8]<=>(split(/\s+/,$a))[8]; } @pss;
    unshift (@mps, $header);
    return join "\n", @mps;
}
1;
Need to return TRUE (=1) at end of file for load command.

Loading the psmem.ldas on Alicia and Display the return value of psmem command. 

alicia> load 'psmem.ldas'
alicia> less psmem;

   PID    PPID  CPU   TASK    ST  %MEM     VSZ    RSS  COMM
   1262   1249   6  f4bd0000  RU   0.2   49384   6932  ocssd.bin
   1277   1264  25  f47de000  RU   0.2   49384   6932  ocssd.bin
   1278   1264   9  f47da000  RU   0.2   49384   6932  ocssd.bin
   1221      1  28  f4c46000  RU   0.1    6056   3640  xfs
  28254  28233  11  f0628000  RU   0.1    3308   2320  multitask
  28312  28233  29  e9300000  RU   0.1    3308   2320  multitask
   2090      1   0  f42dc000  RU   0.0    3044   1672  oprofiled
   1127      1  23  f5348000  IN   0.0    3776   1556  sshd

Another example 

sub uname {
    my @member = qw(sysname nodename release version machine);
    my $output = '';
    my $uts = get_addr('system_utsname');
    $output .= kernel($uts, 'new_utsname', $_, 'char*') . ' ' for (@member);
    print $output, "\n";
}
1;

Access to kernel structure

'class' command is very usefull for us. The struct name you registerd by class command is generated as new class and the struct member is generated as new method of the class. 
alicia> class 'task_struct', qw{flags pid *parent}   # * for pointer
alicia> my $flags = task_struct(dde8853c)->flags
alicia> my $p_pid = task_struct(dde8853c)->_p_parent->pid

TIPS for LDAS

Please see tips.

All Rights Reserved, Copyright © 2005, UNIADEX, Ltd.