There is possibility to run crash on live system, this has some drawbacks though:

  • not all its features are available (e.g. inspecting stacks of tasks),
  • crash may be intrusive (e.g. wr), i.e. danger for production systems,
  • time window for live session may be limited.

For userspace programs there is gcore utility (based on ptrace) that can take a coredump of a running program for deferred analysis.

Explore possibilities of implementing live dumping for kernel and attempt a live dump implementation.

Related

Introduce: Live Dump

Looking for mad skills in:

kdump crash

This project is part of:

Hack Week 18

Activity

  • 6 months ago: mkubecek liked Kernel live dump
  • 6 months ago: mbrugger liked Kernel live dump
  • 7 months ago: mkoutny added keyword "crash" to Kernel live dump
  • 7 months ago: mkoutny added keyword "kdump" to Kernel live dump
  • 7 months ago: mkoutny originated Kernel live dump
  • Show History

    Comments

    Be the first to comment!

    Similar Projects

    This project is one of its kind!