
Linux Coredump Debugging

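A coredump (core dump) is a memory snapshot of a process taken at the moment it crashes. When a program raises an exception that is not caught inside the process, the operating system saves the process's memory, register state, call stack and related information to a file.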

The file is a binary file. Its contents can be opened and analyzed with gdb, elfdump or objdump, with WinDbg on Windows, or with mdb on Solaris.

Enable Coredump

  • In the Linux kernel config, enable General setup -> configure standard kernel features -> Enable ELF core dumps
  • Raise the core file size limit with ulimit -c: add ulimit -c 1073741824 to /etc/profile
  • In /etc/sysctl.conf, set where coredump files are stored; the location must be on a read-write partition
    kernel.core_pattern = /var/core/core_%e_%p
    kernel.core_uses_pid = 0
  • Create the directory: mkdir -p /var/core

Test

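    /* pStr points to a string literal, not heap memory, so free() is invalid */
    char *pStr = "test_content";
    free(pStr);

Add the test code above to the program. When the program runs it crashes, and a file is generated under /var/core: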

[ /]# ll /var/core/
total 1808
-rw-------    1 root     root      30576640 Jul 28 05:24 core_GuiViewConsoleS_879
[ /]#cp /var/core/core_GuiViewConsoleS_879 /media/sda1;sync

Copy the coredump file to the PC.
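How the kernel.core_pattern and kernel.core_uses_pid settings above produce the file name core_GuiViewConsoleS_879, as an added example that is not part of the original post: %e is the comm name of the crashing thread, truncated to 15 characters, which is why the name need not match out.elf. The function expand_core_pattern and the full thread name GuiViewConsoleService are constructed for illustration, and only %e, %p and %% are modelled.

```c
#include <stdio.h>
#include <string.h>

#define COMM_MAX 15 /* kernel TASK_COMM_LEN is 16, including the NUL */
/* Expand the core_pattern specifiers used on this page (%e, %p, %%); others
 * expand to nothing here. Returns 0, or -1 if the result does not fit. */
int expand_core_pattern(const char *pattern, const char *comm, int pid,
                        int core_uses_pid, char *out, size_t outsz)
{
    char piece[32];
    size_t n = 0, len;
    int saw_pid = 0;
    if (outsz == 0) return -1;
    for (const char *p = pattern; *p; p++) {
        piece[0] = '\0';
        if (*p != '%') {
            snprintf(piece, sizeof piece, "%c", *p);
        } else if (*++p == '\0') {
            break; /* a lone trailing '%' is dropped */
        } else if (*p == '%') {
            snprintf(piece, sizeof piece, "%%");
        } else if (*p == 'p') {
            snprintf(piece, sizeof piece, "%d", pid);
            saw_pid = 1;
        } else if (*p == 'e') { /* comm of the crashing thread, truncated */
            snprintf(piece, sizeof piece, "%.*s", COMM_MAX, comm);
        }
        len = strlen(piece);
        if (n + len >= outsz) return -1;
        memcpy(out + n, piece, len);
        n += len;
    }
    if (core_uses_pid && !saw_pid) { /* kernel appends ".PID" in this case */
        len = (size_t)snprintf(piece, sizeof piece, ".%d", pid);
        if (n + len >= outsz) return -1;
        memcpy(out + n, piece, len);
        n += len;
    }
    out[n] = '\0';
    return 0;
}

int main(void)
{
    char name[64]; /* thread name below is constructed, not from the page */
    if (expand_core_pattern("/var/core/core_%e_%p", "GuiViewConsoleService",
                            879, 0, name, sizeof name) == 0)
        puts(name);
    return 0;
}
```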

Debug

Edit .gdbinit as follows:

#target remote 192.168.110.56:1245
set print pretty on
handle SIGPIPE nostop
handle SIGUSR1 nostop

Start debugging:

✔ $ > csky-linux-gdb output/out.elf /media/sda1/core_GuiViewConsoleS_879

warning: A handler for the OS ABI "GNU/Linux" is not built into this configuration
of GDB.  Attempting to continue with the default csky settings.

GNU gdb (C-SKY Tools V2.8.01-gx-sp9(UClibc), ABIV1) 7.2 (built on Jul 24 2017)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "--host=i686-pc-linux-gnu --target=csky-linux".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
/home/xx/.gdbinit:1: Error in sourced command file:
proxy server broken, please check your server.
connect to host jtag://127.0.0.1:1025 failure.


warning: A handler for the OS ABI "GNU/Linux" is not built into this configuration
of GDB.  Attempting to continue with the default csky settings.

Reading symbols from /home/xx/workspace/Solution-for-debug/base/solution/output/out.elf...done.

warning: A handler for the OS ABI "GNU/Linux" is not built into this configuration
of GDB.  Attempting to continue with the default csky settings.


warning: exec file is newer than core file.
[New Thread 1008]
[New Thread 1007]
[New Thread 985]
[New Thread 990]
[New Thread 992]
[New Thread 993]
[New Thread 939]
[New Thread 995]
[New Thread 997]
[New Thread 996]
[New Thread 999]
[New Thread 991]
[New Thread 998]
[New Thread 879]
[New Thread 1000]
[New Thread 1001]
[New Thread 1002]
[New Thread 1005]
[New Thread 1006]
[New Thread 1009]
[New Thread 1010]
[New Thread 1011]
[New Thread 1012]
[New Thread 984]
[New Thread 1013]
[New Thread 1014]
[New Thread 994]
Core was generated by `/dvb/out.elf'.
Program terminated with signal 11, Segmentation fault.
#0  0x0068d9fa in free ()
(cskygdb) bt
#0  0x0068d9fa in free ()
#1  0x0005ed42 in app_init () at app.c:385
#2  0x0034f078 in GxGuiViewServiceConsole ()
#3  0x00335ae0 in sched_console_thread ()
#4  0x0043a4d8 in default_thread_function (arg=0x9c2140) at os/linux/osapi.c:441
#5  0x0044cfe4 in ?? ()
(cskygdb)

If the backtrace lacks debug information, make sure -O0 -g is enabled in the makefile.

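Common causes of a coredump

  • Out-of-bounds memory access
  • Using string functions such as strcpy, strcat, sprintf, strcmp and strcasecmp in a way that reads or writes past the end of the target string. Use strncpy, strlcpy, strncat, strlcat, snprintf, strncmp, strncasecmp and similar functions to prevent out-of-bounds reads and writes
  • A multithreaded program calling functions that are not thread-safe
  • Data read and written by multiple threads without lock protection
  • Invalid pointers
  • Stack overflow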
