Hello, I maintain drgn [1], a debugger for the Linux kernel. I ran into a quirk of the NT_PRSTATUS note in kernel core dumps [2], so I looked into how QEMU's dump-guest-memory command generates NT_PRSTATUS. I noticed that on most architectures, the note's PID field is set to the CPU ID plus 1. There are two exceptions: on s390x, there's an endianness bug (it's not byte swapped if the host is little endian), and on ppc, it's not set at all (it defaults to zero). They're both easy fixes.
Thanks, Omar 1: https://github.com/osandov/drgn 2: https://github.com/osandov/drgn/issues/404 Omar Sandoval (2): target/s390x/arch_dump: use correct byte order for pid target/ppc/arch_dump: set prstatus pid to cpuid target/ppc/arch_dump.c | 21 ++++++++++++--------- target/s390x/arch_dump.c | 2 +- 2 files changed, 13 insertions(+), 10 deletions(-) -- 2.45.2