Go to main content

man pages section 1: User Commands

Exit Print View

Updated: Thursday, June 13, 2019
 
 

scat (1)

Name

scat - kernel crash dump analysis tool

Synopsis

scat [ --nommap ] [ --usesymfile ] <core number>

scat [ --nommap ] [ --usesymfile ] [<unix file>] <core file>

scat --sanity_checks [<unix file>] <core file>

scat --explore [-v] [-a] [-d dest] [<unix file>] <core file>

scat --nocore

Description

scat(1)                     General Commands Manual                    scat(1)



NAME
       scat, blast - kernel crash dump analysis tool

SYNOPSIS
       scat [ --nommap ] [ --usesymfile ] <core number>

       scat [ --nommap ] [ --usesymfile ] [<unix file>] <core file>

       scat --sanity_checks [<unix file>] <core file>

       scat --explore [-v] [-a] [-d dest] [<unix file>] <core file>

       scat --nocore

AVAILABILITY
       This software supports SPARC platforms running Oracle Solaris 8 through
       12, and x86 / x64 systems running Oracle Solaris 10 through 12.

DESCRIPTION
       Oracle Solaris Crash Analysis Tool is a post-mortem kernel  crash  dump
       analysis tool to assist kernel developers and diagnostic engineers.  It
       relieves the user of many repetitive commands and displays  information
       in a useful format.

       The command line interface is invoked with the scat

OPTIONS
       --nommap
              By  default,  Oracle Solaris Crash Analysis Tool uses mmap(2) to
              access the dump files. This behaviour  may  be  changed  to  use
              pread(2)  / pwrite(2) for cases where resource utilization is at
              a premium.

       --usesymfile
              Oracle Solaris Crash Analysis Tool uses the symbol table present
              in  the vmcore file whenever possible.  This option forces it to
              use the symbol table in the unix.X file instead.

       --sanity_checks
              This option informs Oracle Solaris Crash Analysis  Tool  to  run
              its sanity checks and then immediately exit.  Use this option to
              quickly verify the state of a running system or crash dump file.

       --nochecks
              This option informs Oracle Solaris Crash Analysis Tool to  start
              without  running  the  sanity checks.  Use this if there are any
              problems with the startup sanity checks.

       --explore [-v] [-a] [-d dest]
              explore is a script included with Oracle Solaris Crash  Analysis
              Tool  which  extracts  crash  data  from a crash dump.  When the
              --explore option is issued  to  Oracle  Solaris  Crash  Analysis
              Tool,  the  crash  dump  is opened and explore is run.  The col-
              lected crash data is saved in a directory with  the  crash  dump
              and  the  directory name is displayed. explore also saves a com-
              pressed tar archive of the crash data  in  this  directory.  The
              following options can be passed:

       -v     Places  explore in verbose mode whereby it prints messages stat-
              ing what it is working on.

       -a     Causes explore to run in "auto-mode"  -  the  program  does  not
              prompt for information concerning the crash dump.

       -d dest
              Informs  explore  where to write it's output.  Normall, the tool
              creates an output directory under the present working dorectory.

       --nocore
              The tool doesn't open a core, and is available for  running  the
              calc and data conversion / display commands.

       --write
              Opens  the  crash dump read / write, and and thus enables witing
              to the crash dump.

       There are other debugging options available to assist the developers of
       the  software,  although they should not be needed under normal circum-
       stances as the tool automatically recognises  the  system  architecture
       and operating system version to be analyzed and so on.

OPERANDS
       When  invoked without operands, the tool reads /dev/ksyms and /dev/kmem
       for the dump image (that is, the live system on which the tool is  exe-
       cuting).

       If  /dev/kmem  is  not  readable, the tool starts up as if the --nocore
       option had been provided.

       core number    This is an integer which is the filename suffix from the
                      dump  files.  Specifying core number alone is a shortcut
                      for typing unix.X and vmcore.X.  If  the  coredump  uses
                      dumphdr  version  11 and above, any other cores matching
                      vmcore*.X are also opened.

       unix file      This file contains the kernel namelist. It  is  normally
                      named  unix.X,  where  X is an integer which matches the
                      vmcore file. The unix file has  become  superfluous  and
                      the namelist is retrieved from the core file.

       core file      The  core  file  is normally named vmcore.X, it contains
                      the memory image from the time the dump was produced.

USAGE
       The tool is capable of analyzing 32-bit or 64-bit crash dumps  produced
       by  the  SPARC platform edition of Oracle Solaris 8 through 12, and the
       x86 / x64 platform edition of Oracle Solaris 10 through 12. To  analyze
       a  64-bit  dump, the tool must be executed on a system booted in 64-bit
       mode.  The tool will only open SPARC crash dumps on SPARC,  and  x86  /
       x64 crash dumps on x86 / x64.

EXAMPLES
       To  analyze  a  live  running system, invoke the tool without operands.
       Root privileges will normally be needed as read access is  required  to
       /dev/ksyms and /dev/kmem.

       # scat

       The following example is used to analyze the dump in vmcore.0

       % scat vmcore.0

       The  next  example  is  a  short-cut  to analyze the dumps in the files
       unix.2 and vmcore.2.

       % scat 2

       Finally, this example is used to analyze the /path/to/cores/unix.0  and
       /path/to/cores/vmcore.0 files, with write access enabled.

       % scat --write 0

WARNINGS
       Use  of the tool to modify (that is, write to) a live running operating
       system is extremely dangerous, and may result in a system panic in  the
       event the user damages a kernel data structure.




ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       +---------------+----------------------+
       |ATTRIBUTE TYPE |   ATTRIBUTE VALUE    |
       +---------------+----------------------+
       |Availability   | developer/debug/scat |
       +---------------+----------------------+
       |Stability      | Volatile             |
       +---------------+----------------------+
                               (5.5) 24 Oct 2013                       scat(1)