Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Crash

Introduction

Crash is a memory dump analysis tool developed and maintained by Dave Anderson. It is widely used to locate kernel problems.

Installing Crash

On CentOS, use Yum to install Crash-related components.

yum install crash kernel-debug*-`uname -r`

The kernel version must be the same as the kernel version of the generated vmcore.

Using Crash

  • Enable Crash debugging.
    crash $path1/vmlinux $path2/vmcore
    • The vmcore for Crash debugging must belong to the same kernel as vmlinux.
    • $path1/vmlinux is the uncompressed kernel image. For the default OS kernel, path1 is usually /usr/lib/debug/lib/modules/`uname -r` on CentOS 7.6 and openEuler. For the recompiled kernel, path1 is located in the source code directory of the recompiled kernel.
    • $path2/vmcore is the dump file obtained through the dump function.
  • Crash debugging command:
     (crash) command *args

    (crash) is displayed when you enter the debugging mode. command indicates the debugging command to be executed, and *args indicates the parameter required by some debugging commands.

    Common parameters are as follows:

    Parameter

    Description

    bt

    Prints the function call stack information.

    log

    Prints the system message buffer. Example: log | tail -n 30

    ps

    Displays the process status. > indicates an active process. Example: ps | grep RU

    dis

    Disassembles a specified function or address. Example: dis -l [func | addr]

    whatis

    Searches for data or type information. Example: whatis [struct | union | typedef | symbol]

    sym

    Converts a virtual address to a symbol.
Parent topic: Analysis Tool