Debugging core files with GDB using RHEL

Sometimes you need to go deep in your technical analysis to discover the root cause of a problem, and if you are working in a situation that a crash dump was generated, you have all necessary information to provide your root cause analysis.

A core file is an image of a process that has crashed It contains all process information pertinent to debugging: contents of hardware registers, process status, and process data.

To install the crash analyzing tool, execute the following command.

# yum install crash -y

In addition to crash, it is also necessary to install the kernel-debuginfo package, which provides the data necessary for dump analysis.

# yum --enablerepo=\*debuginfo
# debuginfo-install kernel

To start the utility, use the following command.

# crash /var/crash/127.0.0.1-2014-03-26-12\:24\:39/vmcore /usr/lib/debug/lib/modules/`uname –r`/vmlinux

Note that the <kernel> version should be the same that was captured by kdump. To find out which kernel you are currently running, use the uname -r command.

Display system information about the system.

crash> sys

Display the kernel message buffer, using the following command.

crash> log

Display the kernel stack trace.

crash> bt

Display status of processes in the system.

crash> ps

Display basic virtual memory information.

crash> vm

Display information about open files.

crash> files

Display swap information.

crash> swap

Display IPCS information.

crash> ipcs

Display IRQ information.

crash> irq -s

 

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s