adding DumpType output to crashinfo

[GoogleCodeExporter]

After wading through a messload of crashdumps the other day, I figured there 
must be an easier way to determine the difference between full memory crash 
dumps and kernel ones.  Well, thank goodness Andreas Schuster figured out that 
there's a variable in the header that lets you know.  Now let's make use of it 
so it will make it easier for others as well.  (We occasionally questions about 
why a crash dump doesn't work and it turns out that it isn't a full memory 
dump).  

I'm proposing this goes into crashinfo since adding an assert to the address 
space disables this useful plugin from outputting info.  Patch attached.

[1] http://computer.forensikblog.de/en/2006/03/dmp-file-structure.html
[2] http://computer.forensikblog.de/en/2008/02/64bit-crash-dumps.html

Original issue reported on code.google.com by jamie.l...@gmail.com on 7 Sep 2012 at 8:09

Attachments:

• crashinfo.patch

[GoogleCodeExporter]

Here's a patch gleeda and i came up with...

1) uses an overlay for Comment 
2) uses an overlay (Enumeration) for DumpType
3) adds SystemTime and SystemUpTime parsing to the output

We're not 100% sure about the conversion of the uptime so posting it here in 
case someone else has the time to verify.

Original comment by michael.hale@gmail.com on 7 Sep 2012 at 11:06

Attachments:

• crashinfo_enhancements.patch

[GoogleCodeExporter]

This issue was closed by revision r2597.

Original comment by michael.hale@gmail.com on 23 Sep 2012 at 10:49

• Changed state: Fixed