How to analyse a core dump from a different machine?

linux

I'm new to analysing core dumps. I find myself with the vmcore file from different machines but when trying to run the crash command it complains the system is running a different version of kernel. How to analyse core dumps on a different server? Thanks.


Solution 1:

Use the exact kernel version on the analysis host as the host that crashed. uname -r should match.

crash when used on a dump file requires on the command line the (optionally compressed) vmlinux binary probably somewhere under /usr/lib/debug/lib/modules/, then the vmcore file that is the dump.

Also for user programs, ensure the same packages are installed as the crashing system. Useful to debug program crashes with gdb, or for testing applications in general.

Apply the same patching procedure to this analysis system, or restore an OS backup if you have that.

Debuggers are loading symbols, function names and such, into memory dumps of what the system state was. The versions need to match precisely or this will not work.

Related

NetworkManager does not bring up interface after reboot
How can a nameserver block Google bot?
How to use a wildcard subdomain with static subdomains with Google Cloud services?
setting up reverse proxy to google.com while maintaining prior webservice hosted on apache
*You post a random picture of a house* Someone: You bought a house! [duplicate]
Availability and Unavailability [closed]
More formal way to say "all-nighter"
A single word for turning something Italian?
Describing pronunciations: "You say it like" or "as"? [duplicate]
Verb placement in dependent clause
Is there a term for your parent's ex-spouse who is not your biological parent?
Comma after a coordinating conjunction preceding a parenthetical at the start of the sentence