crash utility help page: log

于 2022-08-31 13:47:40 发布
阅读量307 收藏
点赞数
文章标签: linux
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/yangzex/article/details/126622394
版权 
NAME
  log - dump system message buffer

SYNOPSIS
  log [-Ttdmas]

DESCRIPTION
  This command dumps the kernel log_buf contents in chronological order.  The
  command supports the older log_buf formats, which may or may not contain a
  timestamp inserted prior to each message, as well as the newer variable-length
  record format, where the timestamp is contained in each log entry's header.
  
    -T  Display the message text with human readable timestamp.
        (Be aware that the timestamp could be inaccurate!  The timestamp is
         from local_clock(), which is different from the elapsed wall time.)
    -t  Display the message text without the timestamp; only applicable to the
        variable-length record format.
    -d  Display the dictionary of key/value pair properties that are optionally
        appended to a message by the kernel's dev_printk() function; only
        applicable to the variable-length record format.
    -m  Display the message log level in brackets preceding each message.  For
        the variable-length record format, the level will be displayed in 
        hexadecimal.  In older kernels, by default, the facility/flag bits
        will be stripped to only show the level, but if needed, can still be
        shown with 'set debug 1'.
    -a  Dump the audit logs remaining in kernel audit buffers that have not
        been copied out to the user-space audit daemon.
    -s  Dump the printk logs remaining in kernel safe per-CPU buffers that
        have not been flushed out to log_buf.
 

EXAMPLES
  Dump the kernel message buffer:

    crash> log
    Linux version 2.2.5-15smp (root@mclinux1) (gcc version egcs-2.91.66 19990
    314/Linux (egcs-1.1.2 release)) #1 SMP Thu Aug 26 11:04:37 EDT 1999
    Intel MultiProcessor Specification v1.4
        Virtual Wire compatibility mode.
    OEM ID: DELL     Product ID: WS 410       APIC at: 0xFEE00000
    Processor #0 Pentium(tm) Pro APIC version 17
    Processor #1 Pentium(tm) Pro APIC version 17
    I/O APIC #2 Version 17 at 0xFEC00000.
    Processors: 2
    mapped APIC to ffffe000 (fee00000)
    mapped IOAPIC to ffffd000 (fec00000)
    Detected 447696347 Hz processor.
    Console: colour VGA+ 80x25
    Calibrating delay loop... 445.64 BogoMIPS
    ...
      8K byte-wide RAM 5:3 Rx:Tx split, autoselect/Autonegotiate interface.
      MII transceiver found at address 24, status 782d.
      Enabling bus-master transmits and whole-frame receives.
    Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
    nfsd_init: initialized fhcache, entries=256
    ...
 
  Do the same thing, but also show the log level preceding each message:

    crash> log -m
    <4>Linux version 2.2.5-15smp (root@mclinux1) (gcc version egcs-2.91.66 19990
    314/Linux (egcs-1.1.2 release)) #1 SMP Thu Aug 26 11:04:37 EDT 1999
    <4>Intel MultiProcessor Specification v1.4
    <4>    Virtual Wire compatibility mode.
    <4>OEM ID: DELL     Product ID: WS 410       APIC at: 0xFEE00000
    <4>Processor #0 Pentium(tm) Pro APIC version 17
    <4>Processor #1 Pentium(tm) Pro APIC version 17
    <4>I/O APIC #2 Version 17 at 0xFEC00000.
    <4>Processors: 2
    <4>mapped APIC to ffffe000 (fee00000)
    <4>mapped IOAPIC to ffffd000 (fec00000)
    <4>Detected 447696347 Hz processor.
    <4>Console: colour VGA+ 80x25
    <4>Calibrating delay loop... 445.64 BogoMIPS
    ...
    <6>  8K byte-wide RAM 5:3 Rx:Tx split, autoselect/Autonegotiate interface.
    <6>  MII transceiver found at address 24, status 782d.
    <6>  Enabling bus-master transmits and whole-frame receives.
    <6>Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
    <7>nfsd_init: initialized fhcache, entries=256
    ... 
 
  On a system with the variable-length record format, and whose log_buf has been
  filled and wrapped around, display the log with timestamp data:

    crash> log
    [    0.467730] pci 0000:ff:02.0: [8086:2c10] type 00 class 0x060000
    [    0.467749] pci 0000:ff:02.1: [8086:2c11] type 00 class 0x060000
    [    0.467769] pci 0000:ff:02.4: [8086:2c14] type 00 class 0x060000
    [    0.467788] pci 0000:ff:02.5: [8086:2c15] type 00 class 0x060000
    [    0.467809] pci 0000:ff:03.0: [8086:2c18] type 00 class 0x060000
    [    0.467828] pci 0000:ff:03.1: [8086:2c19] type 00 class 0x060000
    ...
 
  Display the same message text as above, without the timestamp data:

    crash> log -t
    pci 0000:ff:02.0: [8086:2c10] type 00 class 0x060000
    pci 0000:ff:02.1: [8086:2c11] type 00 class 0x060000
    pci 0000:ff:02.4: [8086:2c14] type 00 class 0x060000
    pci 0000:ff:02.5: [8086:2c15] type 00 class 0x060000
    pci 0000:ff:03.0: [8086:2c18] type 00 class 0x060000
    pci 0000:ff:03.1: [8086:2c19] type 00 class 0x060000
    ...
 
  Display the same message text as above, with appended dictionary data:

    crash> log -td
    pci 0000:ff:02.0: [8086:2c10] type 00 class 0x060000
    SUBSYSTEM=pci
    DEVICE=+pci:0000:ff:02.0
    pci 0000:ff:02.1: [8086:2c11] type 00 class 0x060000
    SUBSYSTEM=pci
    DEVICE=+pci:0000:ff:02.1
    pci 0000:ff:02.4: [8086:2c14] type 00 class 0x060000
    SUBSYSTEM=pci
    DEVICE=+pci:0000:ff:02.4
    pci 0000:ff:02.5: [8086:2c15] type 00 class 0x060000
    SUBSYSTEM=pci
    DEVICE=+pci:0000:ff:02.5
    pci 0000:ff:03.0: [8086:2c18] type 00 class 0x060000
    SUBSYSTEM=pci
    DEVICE=+pci:0000:ff:03.0
    pci 0000:ff:03.1: [8086:2c19] type 00 class 0x060000
    SUBSYSTEM=pci
    DEVICE=+pci:0000:ff:03.1
    ...
 
  Dump the kernel audit logs:

    crash> log -a
    type=1320 audit(1489384479.809:4342):
    type=1300 audit(1489384479.809:4343): arch=c000003e syscall=0 success=yes 
    exit=0 a0=4 a1=7f84154a2000 a2=400 a3=22 items=0 ppid=2560 pid=2591 auid=0 
    uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 ses=1 
    comm="pidof" exe="/usr/sbin/killall5" 
    subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
    type=1320 audit(1489384479.809:4343):
    type=1300 audit(1489384479.809:4344): arch=c000003e syscall=3 success=yes 
    exit=0 a0=4 a1=1 a2=8 a3=0 items=0 ppid=2560 pid=2591 auid=0 uid=0 gid=0 
    euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 ses=1 comm="pidof" 
    exe="/usr/sbin/killall5" 
    subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
    type=1320 audit(1489384479.809:4344):
    type=1300 audit(1489384479.809:4345): arch=c000003e syscall=11 
    success=yes exit=0 a0=7f84154a2000 a1=1000 a2=0 a3=0 items=0 ppid=2560 
    pid=2591 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 
    tty=ttyS0 ses=1 comm="pidof" exe="/usr/sbin/killall5" 
    subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
    type=1320 audit(1489384479.809:4345):
    type=1300 audit(1489384479.809:4346): arch=c000003e syscall=2 success=yes 
    exit=4 a0=7ffcfd20f5a0 a1=0 a2=1b6 a3=24 items=1 ppid=2560 pid=2591 auid=0
    uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 ses=1 
    comm="pidof" exe="/usr/sbin/killall5" 
    subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
    type=1307 audit(1489384479.809:4346):  cwd="/proc"
    ...
 
  Display the message text with human readable timestamp:

    crash> log -T
    [Sat Apr  4 07:41:09 2020] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
    [Sat Apr  4 07:41:09 2020] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
    [Sat Apr  4 07:41:09 2020] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
    [Sat Apr  4 07:41:09 2020] BIOS-e820: [mem 0x0000000000100000-0x00000000dffeffff] usable
    [Sat Apr  4 07:41:09 2020] BIOS-e820: [mem 0x00000000dfff0000-0x00000000dfffffff] ACPI data
    [Sat Apr  4 07:41:09 2020] BIOS-e820: [mem 0x00000000fec00000-0x00000000fec00fff] reserved
    [Sat Apr  4 07:41:09 2020] BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
    [Sat Apr  4 07:41:09 2020] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
    [Sat Apr  4 07:41:09 2020] BIOS-e820: [mem 0x0000000100000000-0x000000011fffffff] usable
    [Sat Apr  4 07:41:09 2020] NX (Execute Disable) protection: active
    [Sat Apr  4 07:41:09 2020] SMBIOS 2.5 present.
    [Sat Apr  4 07:41:09 2020] DMI: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
    [Sat Apr  4 07:41:09 2020] Hypervisor detected: KVM
    [Sat Apr  4 07:41:09 2020] kvm-clock: Using msrs 4b564d01 and 4b564d00
    [Sat Apr  4 07:41:09 2020] kvm-clock: cpu 0, msr 6de01001, primary cpu clock
    [Sat Apr  4 07:41:09 2020] kvm-clock: using sched offset of 11838753697 cycles
    [Sat Apr  4 07:41:09 2020] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
    [Sat Apr  4 07:41:09 2020] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
    [Sat Apr  4 07:41:09 2020] e820: remove [mem 0x000a0000-0x000fffff] usable
    [Sat Apr  4 07:41:09 2020] last_pfn = 0x120000 max_arch_pfn = 0x400000000
    [Sat Apr  4 07:41:09 2020] MTRR default type: uncachable
    [Sat Apr  4 07:41:09 2020] MTRR variable ranges disabled:
    ...

  On a system which has printk_safe_seq_buf buffer,
  display its unflushed log with buffer name:

    crash> log
    ...
    [nmi_print_seq] Uhhuh. NMI received for unknown reason 30 on CPU 0.
    [nmi_print_seq] Do you have a strange power saving mode enabled?
    [nmi_print_seq] Dazed and confused, but trying to continue

  Dump the printk safe buffers:

    crash> log -s
    PRINTK_SAFE_SEQ_BUF: nmi_print_seq
    CPU: 0  ADDR: ffff8ca4fbc19ce0 LEN: 150  MESSAGE_LOST: 0
      Uhhuh. NMI received for unknown reason 20 on CPU 0.
      Do you have a strange power saving mode enabled?
      Dazed and confused, but trying to continue
    ...
    PRINTK_SAFE_SEQ_BUF: safe_print_seq
    CPU: 0  ADDR: ffff8ca4fbc1ad00 LEN: 0  MESSAGE_LOST: 0
      (empty)
    ...
yangzex
关注
Linux: kdump & kexec: /etc/kdump.conf解析;kdumpctl;makedumpfile;CONFIG_KEXEC; crashkernel
mzhan017的博客
05-23 468
这里简单介绍kdump及kexec,怎么安装,怎么使用;这里说的内核是程序层的内核:正常内核 - 是硬件层的一个CPU驱动;驱动CPU正常运行,完成各项任务。如果CPU驱动,产生错误,会很严重,导致任务运行结果不可预知,出现磁盘文件损坏,等等。转储内核 - 这个转储内核不是当前正常运行的系统内核,而是在系统内核出现问题,无法运行时,用来将系统内核的内存转储到文件的一个小的内核环境。而这个小环境也是一个仅仅实现了内存转储功能的一个小的CPU驱动。
【chromium】windows构建base库 3:gn + vs2022 args 设置及debug x86 构建
最新发布
突围
02-07 458
x86 debug 构建 chromium
Linux问题
KgdYsg的博客
10-10 2444
昨晚用服务器跑iperf测TCP带宽。今早来到一看在客户端有提示: Message from syslogd@localhost at Oct 9 22:12:24 … kernel:Uhuh. NMI received for unknown reason 00 on CPU 7.Message from syslogd@localhost at Oct 9 22:12:24 …
linux电脑硬件经常死机,LINUX系统频繁死机,挽救看看...急急急
weixin_35974411的博客
05-13 2495
LINUX系统频繁死机,挽救看看...急急急(2011-08-15 05:23:15)标签:杂谈LINUX系统频繁死机,挽救看看...急急急日志中的报错消息如下: Nov1 19:15:24 club kernel: Dazedand confused, but trying to continueNov1 19:15:24 club kernel: Doyou have a strange po...
syslogd
rgb_rgb的博客
09-20 979
21:$ Message from syslogd@test21 at Sep 19 16:30:02 ...  kernel:Uhhuh. NMI received for unknown reason 00 on CPU 128. Message from syslogd@test21 at Sep 19 16:30:02 ...  kernel:Do you have a s
开发环境 -- 在linux中写一个脚本拷机
诸葛一帆丶的博客
11-06 1900
遇到一个问题,x86板卡通过PCIE外接网卡芯片82599,某一块板子过一会出现网络不通的问题,排查发现某一时刻系统出现如下异常: [ 1250.888189] Uhhuh. NMI received for unknown reason 31 on CPU 0. [ 1250.894247] Do you have a strange power saving mode enabled? [...
Chrome的启动参数
Criss@陈磊
02-23 4922
List of Chromium Command Line Switches Condition Explanation --[1]⊗ Classic, non-material, mode for the |kTopChromeMD| switch.↪ --0⊗ Value of the --profiler-timing flag that will disable timin...
[Spark版本更新]--Spark-2.0.1版本的最新改动
欢迎来到我的博客,一起探索代码里的世界!
11-12 6526
spark-2.0.1版本的最新改动 Sub-task(子任务) [SPARK-15232] - Add subquery SQL building tests to LogicalPlanToSQLSuite [SPARK-15698] - Ability to remove old metadata for structure streaming MetadataLog [SPARK-...
CodeLab:Android fundamentals 07.2:AsyncTask and AsyncTaskLoader
qq_39040714的博客
04-12 834
Android fundamentals 07.2:AsyncTask and AsyncTaskLoader Tutorial source : Google CodeLab Date : 2021/04/06 Complete course : 教程目录 (java). Note : The link in this article requires Google access 1、Welcome This practical codelab is part of Unit 3: Working in
linux内存检测
张拓的博客
11-18 2705
一、安装两种方式安装memtest86:http://www.memtest86.com/memtest86-3.5.tar.gz1、上memtest官网下载最新版,解压之后编译安装,产生memtest.bin文件,拷贝到/boot目录下二、启动配置vi /boot/grub/grub.conf文件,加入启动项title Memtest-bin-rootpath        root (hd0,0)        kernel /memtest.bintitle Memtest86+ v1.65-root
服务器频繁死机,可能是语音卡不兼容
张拓的博客
11-19 2772
<br />服务器频繁死机,报如下的错误Uhhuh. NMI received for unknown reason 31 on cpu 0.<br />Do you have strange power saving mode enabled <br />Dazed and confused,but trying to continue<br />Bank 0:b20000<br />Bank 5:b20000fdsaf<br />Kernel panic -not syncing :CPU contex
kernel: Uhhuh. NMI received for unknown reason 31
cuixie2370的博客
03-19 1769
Linux AS2.1 + Oracle9.2.0.4 RAC Linux Error Messages : Mar 19 10:53:41 dell-node2 kernel: Uhhuh. NMI received f...
HDU 1548 A strange lift
qq_41044309的博客
01-26 116
A strange lift Time Limit: 2000/1000 MS (Java/Others)    Memory Limit: 65536/32768 K (Java/Others) Total Submission(s): 34869    Accepted Submission(s): 12425   Problem Description There is a stran...
A Guide to Unexpected System Restarts
msdnchina的专栏@JiNan,ShanDong
06-14 741
https://access.redhat.com/articles/206873 Updated2018年一月2日23:31- English Contents Introduction Understanding the Environment Investigating /var/log/messages Where to Go Next Kernel Panic ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值