Debugging core files with GDB using RHEL

Sometimes you need to go deep in your technical analysis to discover the root cause of a problem, and if you are working in a situation that a crash dump was generated, you have all necessary information to provide your root cause analysis.

A core file is an image of a process that has crashed It contains all process information pertinent to debugging: contents of hardware registers, process status, and process data.

To install the crash analyzing tool, execute the following command.

# yum install crash -y

In addition to crash, it is also necessary to install the kernel-debuginfo package, which provides the data necessary for dump analysis.

# yum --enablerepo=\*debuginfo
# debuginfo-install kernel

To start the utility, use the following command.

# crash /var/crash/\:24\:39/vmcore /usr/lib/debug/lib/modules/`uname –r`/vmlinux

Note that the <kernel> version should be the same that was captured by kdump. To find out which kernel you are currently running, use the uname -r command.

Display system information about the system.

crash> sys

Display the kernel message buffer, using the following command.

crash> log

Display the kernel stack trace.

crash> bt

Display status of processes in the system.

crash> ps

Display basic virtual memory information.

crash> vm

Display information about open files.

crash> files

Display swap information.

crash> swap

Display IPCS information.

crash> ipcs

Display IRQ information.

crash> irq -s



Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.