Ubuntu

“crash” 6.1.6-1ubuntu0.13.04.1 source package in Ubuntu

Changelog

crash (6.1.6-1ubuntu0.13.04.1) raring-proposed; urgency=low

  * Merge from Debian unstable (LP: #1064475). Remaining changes:
    - debian/rules: Always build extensions and package them.
    - debian/rules: Cleanup for extensions.
  * Dropped ubuntu changes:
    - SPU extension support.
  * debian/control: Add armhf to build architectures.

crash (6.1.6-1) unstable; urgency=low

  * New upstream version 6.1.6

  * Fix for a crash-6.1.5 regression that causes the "mount" command to fail
    on kernel versions prior to Linux 3.3.  Without the patch, the command
    fails with the message "mount: invalid structure member offset:
    mount_mnt_devname".

crash (6.1.5-1) UNRELEASED; urgency=low

  * New upstream version 6.1.6

  * Fix for the ARM "irq" command.  Without the patch, on 2.6.34 and later
    kernels configured with CONFIG_SPARSE_IRQ, the command fails with the
    error message "irq: cannot determine number of IRQs".

  * Fix for a segmentation violation generated during invocation while parsing
    a makedumpfile-created "flat-format" vmcore-incomplete file.  Without the
    patch, the crash session would display the error message "crash: unable to
    seek dump file vmcore-incomplete", followed by a segmentation violation.

  * Fix for a segmentation violation generated by the "kmem -s" option when
    encountering a corrupted array_cache structure that contains a bogus
    "avail" count that is greater than the maximum legitimate limit value.
    Without the patch, the "kmem -s" command would print a warning message
    regarding the invalid array_cache, complete the command normally, and then
    generate a segmentation violation when freeing buffers used by the
    command.

  * Update to the "kmem -s" function to include the errors found in slab
    structures to the display of total errors found when the command
    completes.  Without the patch, invalid list_head pointers, bad inuse
    counters, and bad s_mem pointers were not added to the total number of
    errors found.

  * Fix for "crash --osrelease <dumpfile>" and "crash --log <dumpfile>" when
    run on an ARM compressed kdump with a crash binary that was built with
    "make target=ARM" on an x86 or x86_64 host.  Without the patch, if the
    compressed kdump header version is 4 or 5, "crash --osrelease" fails with
    the error message "crash: compressed kdump: cannot lseek dump vmcoreinfo"
    followed by "unknown", and "crash --log" fails with the error message
    "crash: <dumpfile>: no VMCOREINFO section".

  * Enhancement to the "swap" command to display the swap_info_struct address
    of each configured swap device.  The output has been changed to display
    the address in the first column, and the variable-length device name has
    been moved to the last column.

  * Fix for the "kmem -[sS]" options on kernels that configured with both
    CONFIG_SLUB and CONFIG_NODES_SHIFT, and that are running on hardware that
    generates NUMA nodes that contain no memory.  Without the patch, both
    command options fail immediately with the message "kmem: invalid kernel
    virtual address: 8  type: kmem_cache_node nr_partial".

  * Increment the PPC64 NR_CPUS maximum value from 1024 to 2048.

  * Strip the ".isra." and ".part." appendages to cloned text symbol names,
    which seem to have been introduced by gcc-4.6.0.  To keep them intact, a
    "--no_strip" command line option has been added.

  * Patch to the internal gdb_get_datatype() function to return the typecode
    and length of integer variables.

  * Fix for the "dev -d" option on Linux 3.6 and later kernels.  Without the
    patch the option fails with the message "dev: invalid structure member
    offset: request_queue_rq".

  * Export the red/black tree utility functions rb_first(), rb_parent(),
    rb_right(), rb_left(), rp_next() and rb_last().  Without the patch, they
    are statically declared and only used by the "runq" command.

  * Implemented a new "timer -r" option that displays the hrtimer queues,
    supporting all versions from Linux 2.6.16 to the present.

  * Fix for "kmem -s" on Linux 3.8 and later kernels that are configured with
    CONFIG_SLAB.  The kmem_cache.array[] length has been extended to store the
    nodelist pointers, so the original method to determine the per-cpu array
    limit can go out-of-range.  Without the patch, during session
    initialization there may be a message that indicates "crash: invalid
    kernel virtual address: <address> type: array cache limit", followed by
    "crash: unable to initialize kmem slab cache subsystem"; if those messages
    do get shown, then "kmem -s" will subsequently fail during runtime with
    the message "kmem: kmem cache slab subsystem not available".

  * Two Xen hypervisor fixes: (1) Fix console buffer content length
    calculation: Function displaying console buffer always assumes its content
    length equal to console buffer size.  This is not true and sometimes it
    sends garbage to the screen. This patch fixes this issue.  (2) Improve
    calculation of beginning of virtual address space: Xen changeset 26447
    (x86: re-introduce map_domain_page() et al) once again altered virtual
    address space.  The current algorithm calculating its start could not cope
    with that change.  New version establishes this value on the base of image
    start address and is more generic.

  * Fix for the ARM "vtop" command when run on a module address.  Without the
    patch, the command fails with error message "vtop: ambiguous address:
    <module-address>  (requires -u or -k)".

  * Add the "--active" command line option to the crash(8) man page and to the
    "crash [-h|--help]" output.

  * Add the "--buildinfo" command line option to the crash(8) man page and to
    the "crash [-h|--help]" output.

  * Remove the unadvertised and unnecessary "--data_debug" command line
    option, given that it is the default setting.

  * Remove the unadvertised and obsolete "--no_namelist_gzip" command line
    option.

  * Add the "-g [namelist]" command line option to the crash(8) man page and
    to the "crash [-h|--help]" output.

  * Remove the unadvertised and never-implemented "--shadow_page_tables"
    command line option.

  * Fix for the ARM "vtop" command when run on a user virtual address of the
    panic task.  Prior to Linux 3.3, the panic task's pgd gets overwritten
    with a pgd that identity-maps the whole address space, and therefore crash
    loses the capability of translating any user virtual address into its
    original physical address.

  * Fix to prevent the ARM linker mapping symbols "$d" and "$a" from being
    added to the list of symbols from kernel modules.  Without the patch, the
    two symbols would only be rejected from the base kernel's symbol list, but
    would be added to the symbol list of individual kernel modules.

  * Fix for the X86_64 "bt" command to recognize that the kernel was built
    with CONFIG_FRAME_POINTER on Linux 3.7 and later kernels that are
    configured with CONFIG_FUNCTION_TRACER.  In those kernels, the special
    4-byte NOP instruction that can be overwritten during runtime for dynamic
    ftracing has been moved to the very beginning of each function, before the
    function preamble.  Without the patch, the test that checks the function
    preamble to determine whether CONFIG_FRAME_POINTER was configured would
    fail, which could potentially lead to less reliable backtraces.

crash (6.1.4-1) UNRELEASED; urgency=low

  * New upstream version 6.1.4

  * Fix for a crash-6.1.3 regression with respect to the loading of extension
    modules.  Because of the change that replaced the obsolete _init() and
    _fini() functions with constructor and destructor functions, extension
    modules may fail to load when the extension modules are built with older
    compiler/linkers.  The problem is due to the continued usage of the
    -nostartfiles compiler option regardless whether the extension module has
    replaced its _init() function with a constructor function; with older
    compiler/linkers, the module may fail to load.  The fix predetermines
    whether an extension module still uses _init() or if it has been updated
    to use a constructor function, and will use the -nostartfiles option only
    on older "legacy" modules.

  * Implemented a new "list -r" option that can be used with lists that are
    linked with list_head structures.  When invoked, the command will traverse
    the linked list in the reverse order by using the "prev" pointer instead
    of "next".

  * Fix for the "swap" command's FILENAME display.  In some kernels between
    2.6.32 and 2.6.38 the swap partition's pathname may not show the "/dev"
    filename component.

  * Fix for the "swap" command's PCT display, which will display a a negative
    percentage value if more than 5368709 swap pages are in use.

crash (6.1.3-1) unstable; urgency=low

  * New upstream version 6.1.3

  * Implemented a new "crash --log dumpfile" option which dumps the
  kernel log buffer and exits.  A kernel namelist is not required,
  but the dumpfile must contain the VMCOREINFO data from the ELF
  header of the original /proc/vmcore file that was created by the
  kexec/kdump facility.  Accordingly, this option supports kdump ELF
  vmcores and compressed kdump vmcores created by the makedumpfile
  facility, including those that are in makedumpfile's intermediary
  "vmcore.flat" format.

  * Fixes for the ppc64.c file to handle gcc-4.7.2 compiler warnings when
  building crash with "make warn", or compiler failures when building
  with "make Warn" on a PPC64 machine.  Without the patch, gcc-4.7.2
  generates three "error: variable ‘<variable>’ set but not used
  [-Werror=unused-but-set-variable]" messages.

  * Update the PPC64 architecure's internal storage of the kernel's
  MAX_PHYSMEM_BITS value for Linux 3.7 and later kernels, which changed
  from 44 to 46 to for 64TB support.  Without the patch, there is no
  known issue, but the stored value should be correct.

  * Fix for the "mount" command's header display to indicate "MOUNT"
  instead of "VFSMOUNT" on Linux 3.3 and later kernels because the
  the first column contains a mount structure address instead of a
  vfsmount structure address.  For those later kernels, it is
  permissable to enter either the mount structure address, or the
  address of the vfsmount structure that is embedded within it, as
  an optional argument.  The output has also been tightened up so
  that the DIRNAME field is not shifted to the right based upon the
  DEVNAME field length.

  * Fix for the "mount <superblock>" search option on 2.6.32 and later
  kernels.  Without the patch, it is possible that multiple filesystems
  will be displayed.

  * Update to the "mount" help page to indicate that a dentry address
  may be used as a search option.

  * Fix for the "ps -l [pid|task|command]" option to display the
  specified tasks sorted with the most recently-run task (the largest
  last_run/timestamp) shown first, as is done with the "ps -l" option
  with no arguments.  Without the patch, the timestamp data gets
  displayed in the order of the "[pid|task|command]" arguments.

  * Added the "ps" command to the set of supported "foreach" commands,
  serving as an alternative manner of passing task-identifying
  arguments to the "ps" command.  For example, a command such as
  "foreach RU ps" can be accomplished without having to pipe normal
  "ps" output to "grep RU".  All "ps" options are supported from the
  "foreach" framework.

  * Fix for the "ps -G" restrictor option such that it also takes affect
  if the -p, -c, -l, -a, -r or -g options are used.  Without the
  patch, thread group filtering would only take effect when the default
  "ps" command is used without any of the options above.

  * Fortify the internal hq_open() function to return FALSE if it is
  already open, and have restore_sanity() and restore_ifile_sanity()
  call hq_close() unconditionally.

  * Added the "extend" command to the set of built-in commands that
  support minimal mode.  A new MINIMAL flag has been created for
  extension modules to set in their command_table_entry.flags field(s)
  to signal that a command supports minimal mode.  If the crash session
  has been invoked with --minimal, then the "extend" command will
  require that the module registers at least one command that has
  the MINIMAL bit set.

  * Prevent the "__crc_*" symbols from being added to the the ARM kernel
  symbol list.

  * Prevent the "PRRR" and "NMRR" absolute symbols from being added to
  the ARM kernel symbol list.  Without the patch, it allows an invalid
  set of addresses to pass the check in the in_ksymbol_range() function.

  * Fix for the ppc.c file to handle a gcc-4.7.2 compiler warning when
  building crash with "make warn", or compiler failures when building
  with "make Warn" on a PPC machine.  Without the patch, gcc-4.7.2
  generates the message "error: variable ‘dm’ set but not used
  [-Werror=unused-but-set-variable]".

  * Workaround for the "crash --osrelease dumpfile" option to be able
  to work with malformed ARM compressed kdump headers.  ARM compressed
  kdumps that indicate header version 3 may contain a malformed
  kdump_sub_header structure with offset_vmcoreinfo and size_vmcoreinfo
  fields offset by 4 bytes, and the actual vmcoreinfo data is not
  preceded by its ELF note header and its "VMCOREINFO" string.  This
  workaround finds the vmcoreinfo data and patches the stored header's
  offset_vmcoreinfo and size_vmcoreinfo values.  Without the patch, the
  "--osrelease dumpfile" command line option fails with the message
  "crash: compressed kdump: cannot lseek dump vmcoreinfo", followed by
  "unknown".

  * Fix for the "help -n" option on 32-bit compressed kdumps.  Without
  the patch, the offset_vmcoreinfo, offset_eraseinfo, and offset_note
  fields of the kdump_sub_header have their upper 32-bits clipped off
  when displayed.  However, it should be harmless since the offset
  values point into the first few pages of the dumpfile.

  * Update of the extensions/echo.c extension module example, and the
  "extend" help page, to utilize a constructor function to call the
  register_extension() function.  The _init() and _fini() functions
  have been designated as obsolete for usage by dlopen() and dlclose().
  The echo.c example module has been modified to contain echo_init()
  and echo_fini() functions marked as __attribute__((constructor)) and
  __attribute__((destructor)) respectively.

  * Updated extensions/dminfo.c, extensions/snap.c and extensions/trace.c
  to replace their _init() and _fini() functions with constructor and
  destructor functions.

  * Fix for the "bt" command on the PPC64 architecture when running
  on Linux 3.7 kernel threads.  Without the patch, some kernel threads
  may fail to terminate on the final ".ret_from_kernel_thread" frame,
  repeating that frame endlessly, because the stack linkage pointer
  points back to itself instead of being NULL.

crash (6.1.2-1) UNRELEASED; urgency=low

  * New upstream version 6.1.2

  * Enhancement of the "task" command to display both the task_struct and the
    thread_info structures of a task.  The -R option accepts members of
    either/both structure types.

  * Fix for the X86_64 "search" and "rd" commands due to this commit:
    http://git.kernel.org/linus/027ef6c87853b0a9df53175063028edb4950d476 Upon
    any attempt to read a page within the RAM region reserved for AMD GART on
    a live system, the Linux 3.7rc1 commit above causes causes /dev/mem,
    /proc/kcore and the /dev/crash drivers to spin forever, leading to a
    kernel soft lockup.  The RAM pages reserved for GART consist of 2MB large
    pages whose _PAGE_PRESENT bits are turned off.  Prior to the above commit,
    a read() attempt on GART RAM would cause an unresolvable page fault, and
    would harmlessly return an EFAULT.  The commit above has changed
    pmd_large() function such that it now returns TRUE if only _PAGE_PSE bit
    is set in the PTE, whereas before it required both _PAGE_PSE and
    _PAGE_PRESENT.  So instead of just failing the read() system call with an
    EFAULT, the page fault handling code now considers it a spurious TLB
    fault, and the instruction is retried indefinitely.  The crash utility
    patch stores the GART physical memory range, and disallows any attempts to
    read from it.

  * If an EPPIC_GIT_URL environment variable is defined, then the URL that it
    points to is used as an alternative to the code.google.com git source
    repository for the eppic.so extension module.  However, the alternative
    site is only accessed if code.google.com can first be pinged; this patch
    removes that restriction.

  * Fix for the "files" command PATH display on kernels configured with
    CONFIG_DEVTMPFS, when the vfsmount pointer in an file structure's "f_path"
    member does not point to the root vfsmount required for reconstructing the
    full file pathname.  Without the patch, open files in /dev directory may
    be truncated and not show the "/dev" filename component.

  * Enhancement to the "kmem -v" option on 2.6.28 and later kernels that
    utilize the "vmap_area_list" list of mapped kernel virtual memory regions,
    replacing the usage of the to-be-obsoleted "vmlist" list.  In those
    kernels, the output of the command will also show each vmap_area structure
    address, in addition to its vm_struct address, memory range, and size.

  * Update to the exported do_rbtree() and do_rdtree() functions such that
    they will return the number of items found in the targeted tree, similar
    in nature to the do_list() function.  The two functions have also been
    fixed such that the VERBOSE flag is actually recognized, so that external
    callers are able to gather the entries in a tree without having them
    displayed.  The calls to either function may be enclosed with hq_open()
    and hq_close() so the that tree entries may be subsequently gathered by
    retrieve_list() into a supplied buffer, as well as to recognize a
    corrupted list with duplicate entries.

  * Fix for the "extend -u" option to prevent the usage of a member of a
    free()'d extension_table structure.  No command failure occurs, but rather
    an inadvertent coding error.

  * Fix to allow error() to be called during an open_tmpfile() sequence prior
    to close_tmpfile() being called.  There are no crash functions that call
    error() during an open_tmpfile() sequence, but there's no reason why it
    cannot be done.  Without the patch, the error message gets displayed on
    stdout (as expected), but the error message will also overwrite/corrupt
    the tmpfile() data while it is being parsed.

  * Fix to properly determine whether X86_64 kernels were configured with
    CONFIG_FRAME_POINTER, due to this ftrace-related commit:
    http://git.kernel.org/linus/d57c5d51a30152f3175d2344cb6395f08bf8ee0c
    Without the patch, the crash utility fails to determine whether the kernel
    was built with CONFIG_FRAME_POINTER, and therefore the "bt" command cannot
    take advantage of it for more reliable backtraces.

  * Fix to properly determine whether 2.6.31 and earlier X86_64 kernels were
    configured with CONFIG_FRAME_POINTER.  Without the patch, the crash
    utility may fail to determine whether the kernel was built with
    CONFIG_FRAME_POINTER.  In those kernel versions -- which may be dependent
    upon the compiler version used -- one of the sample functions tested may
    have their "push %rbp, mov %rsp,%rbp" function preamble separated by other
    instruction(s), resulting in a false negative that precludes the "bt"
    command from taking advantage of framepointers.

  * Fix for the file and line-number string that is displayed by the "sym
    <kernel-text>" option.  Without the patch, the "/usr/src/" part of the
    string is stripped, and the filename string itself could have two
    corrupted characters in the pathname, for example, showing
    "k3.nel-3.6.fc17" instead of "kernel-3.6.fc17".  This is dependent upon
    the compiler version, or perhaps the string library that is linked into
    the crash binary, because it only has been seen on crash binaries built
    with gcc-4.7.  The fix now displays the full pathname, no longer dropping
    the "/usr/src" from beginning.

  * Restricted the X86_64 "line_number_hook" to kernels earlier than 2.6.24,
    i.e., kernels prior to the x86/x86_64 merge.  Without the patch, the
    manufactured filename information for assembly-language files was
    incorrect for 2.6.24 and later kernels.  Also, the kernel debuginfo data
    now has file/line-number data for assembly-language files as well,
    obviating the need for the hook.

  * Fix for the extensions/trace.c extension module to prevent a double free
    exception that would occur if a calloc() call fails during module
    initialization.

  * Fix for the "p -u" option if a 32-bit kernel symbol is incorrectly passed
    as an argument.  Without the patch, the command fails, but the next
    command requiring the services of the embedded gdb module will generate an
    error message of the sort "*** glibc detected *** crash: free(): invalid
    pointer: <address> ***", or "*** glibc detected *** crash: munmap_chunk():
    invalid pointer: <address> ***", followed by a backtrace, and an abort of
    the crash session.

  * Fix for the embedded gdb module to correctly handle kernel modules whose
    ELF header contains "__ksymtab" and "__ksymtab_gpl" sections with non-zero
    nonsensical "Address" values.

  * Without the patch, if one of the odd sections above is encountered, the
    "Offset" values of the remaining sections are not processed; and if the
    module's .data section is ignored, gdb incorrectly calculates the address
    of all symbols in the module's .data section, leading to incorrect output
    if, for example, data is printed with the gdb "p" command.  This invalid
    ELF section format was introduced in Linux 3.0 by the kernel's
    "scripts/module-common.lds" file.

  * Fix for the "runq -g" option if the kernel contains more than 200 task
    groups.  Without the patch, the command generates a segmentation
    violation.

crash (6.1.1-1) UNRELEASED; urgency=low

  * New upstream version 6.1.1

  * Fixes for the ARM "vtop" command display of kernel unity-mapped virtual
    addresses.  Without the patch, the PGD, PMD values may be incorrect, and
    the PAGE value is always incorrectly calculated.

  * Fix for Linux 2.6.34 and later kernels that are configured with
    CONFIG_SLUB, but not configured with CONFIG_IKCONFIG, to be able to
    determine the kernel's CONFIG_NR_CPUS value.  Without the patch, if the
    actual number of cpus is larger than the crash utility's per-architecture
    NR_CPUS maximum value, then the cpus beyond the NR_CPUS limit would not be
    accounted for.

  * Increment the X86_64 NR_CPUS maximum value from 4096 to 5120.

  * Try to determine whether the kernel is running as a virtual machine by
    using any available kernel-specific data or by dumpfile type.  The results
    of the hypervisor type search will be stored in the internal kernel_table
    data structure, and if a hypervisor type can be determined, its name will
    be displayed by the "mach" command.  The result of the hypervisor
    determination, successful or otherwise, may be viewed during session
    initialization if the -d<number> command line option is invoked, or during
    runtime via the "help -k" option.  Only applicable to the X86, X86_64 and
    IA64 architectures.

  * Allow the "ps command" and "foreach name" command options to contain more
    than the kernel's maximum of 15 characters that are stored in each task's
    task_struct.comm[] array.  Without the patch, the two string arguments
    were required to be the possibly-truncated command name string in order to
    match.

  * Enhancement to the "ps" command to allow any of the "command" arguments to
    be POSIX extended regular expressions.  The expression string must be
    encompassed by "'" characters, and will be matched against the names of
    all tasks.

  * Add support for 2GB pages in the S390X virtual-to-physical address
    translation function.  Required for the new IBM zEC12 Mainframe.

  * Initial preparation for support of the ARM64 architecture.

  * Fix for the "log" command if a kernel message contains either a '\n' or a
    '\t'.  Without the patch, the two characters are replaced with a '.', and
    the message continues.  With the patch applied, the characters are
    printed, and if it is a '\n', spaces are inserted after the linefeed so
    that the subsequent characters in the message line up appropriately under
    the preceding line.

  * Fix for the "kmem -[sS]" options on kernels that configured with both
    CONFIG_SLUB and CONFIG_NODES_SHIFT, and that are running on hardware that
    generates NUMA node ids that are not numbered consecutively.  Without the
    patch, both command options fail with the error message "kmem: invalid
    kernel virtual address: 8  type: kmem_cache_node nr_partial".

  * Fix for the "trace.so" extension module's "trace show" command.  Without
    the patch, the output showing each trace point is shown with two
    hexadecimal virtual addresses instead of displaying them symbolically
    using the format "<function> <-- <function>".

  * Fixes for handling incomplete/invalid ELF or compressed kdump vmcores
    whose per-cpu NT_PRSTATUS notes are missing.  For example, this has been
    seen to happen when kexec/kdump incorrectly recognizes a Xen DomU kernel
    as a Xen Dom0 kernel.  Without the patch, possible ramifications would be
    a NULL pointer dereference during session intialization when searching for
    the panic task, or during the "bt" command on an active task.

  * Implemented a new "runq -g" option that displays CFS runqueue tasks
    hierarchically by task_group.  Tasks in throttled groups are also
    displayed.  The "runq" command with no option will no longer display
    task_group data for the RT queue.

  * Patchset for Xen support up to version 4.2:

  * Fix for the S390X virtual-to-physical address translation to allow the HW
    Change-bit override bit (0x100) to be used in page table entries.

  * Fix for a rarely-seen circumstance in which a kdump ELF vmcore of a Xen
    dom0 kernel gets incorrectly identified as a old-style netdump ELF vmcore.
    This has only been seen after the original kdump ELF vmcore was
    transformed via "makedumpfile -d1".  Without the patch, the crash session
    fails during initialization with the messages "crash: invalid size
    request: 0  type: xen kdump p2m mfn page", followed by "crash: cannot read
    xen kdump p2m mfn page".  If run against the Xen hypervisor, the session
    fails during initialization with the error message "crash: read error:
    kernel virtual address: <address>  type: crashing_cpu".
 -- Stefan Bader <email address hidden>   Tue, 11 Jun 2013 17:52:54 +0200

Upload details

Uploaded by:
Stefan Bader on 2013-08-07
Sponsored by:
Andy Whitcroft
Uploaded to:
Raring
Original maintainer:
Ubuntu MOTU Developers
Component:
main
Architectures:
i386 ia64 alpha powerpc amd64 armhf
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Raring updates on 2013-08-26 main utils

Downloads

File Size MD5 Checksum
crash_6.1.6.orig.tar.gz 25.5 MiB 884544e117f08c370b7ec14812547a0f
crash_6.1.6-1ubuntu0.13.04.1.diff.gz 59.2 KiB 157623b44483ee7e85001fcb8a9b65a6
crash_6.1.6-1ubuntu0.13.04.1.dsc 1.8 KiB 4ba31153c4245a5bc6a4f7bb16888066

Binary packages built by this source

crash: kernel debugging utility, allowing gdb like syntax

 The core analysis suite is a self-contained tool that can be used to
 investigate either live systems, or multiple different core dump formats
 including kdump, LKCD, netdump and diskdump.
 .
 o The tool is loosely based on the SVR4 crash command, but has been
    completely integrated with gdb in order to be able to display
    formatted kernel data structures, disassemble source code, etc.
 .
 o The current set of available commands consist of common kernel core
    analysis tools such as a context-specific stack traces, source code
    disassembly, kernel variable displays, memory display, dumps of
    linked-lists, etc. In addition, any gdb command may be entered,
    which in turn will be passed onto the gdb module for execution.
 .
 o There are several commands that delve deeper into specific kernel
    subsystems, which also serve as templates for kernel developers
    to create new commands for analysis of a specific area of interest.
    Adding a new command is a simple affair, and a quick recompile
    adds it to the command menu.
 .
 o The intent is to make the tool independent of Linux version dependencies,
    building in recognition of major kernel code changes so as to adapt to
    new kernel versions, while maintaining backwards compatibility.