GDB 调试dumped core文件

在调试堆栈溢出的时候,用gdb加载文件运行的时候的地址会和直接运行的地址有出入,这个时候我们需要先在没有gdb的情况下运行程序,程序崩溃会生成core文件

然后我们用gdb filename core进行调试

我在ubuntu上测试的时候会发现当前目录里面并没有生成core文件,在研究一番后发现需要修改/proc/sys/kernel/core_pattern 文件

然后我们用root来执行下面命令:

$> mkdir -p /tmp/cores
$> chmod a+rwx /tmp/cores
$> echo “/tmp/cores/core.%e.%p.%h.%t” > /proc/sys/kernel/core_pattern

然后在运行文件,然后会在/tmp/cores目录下面生成core文件:

➜ challenge11 git:(master) ✗ ll /tmp/cores
total 100K
-rw——- 1 kow kow 516K Jan 15 00:07 core.challenge11.25425.ubuntu.1516003636

然后就可以调试了:

➜ challenge11 git:(master) ✗ gdb challenge11 /tmp/cores/core.challenge11.25425.ubuntu.1516003636
GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.5) 7.11.1
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type “show copying”
and “show warranty” for details.
This GDB was configured as “x86_64-linux-gnu”.
Type “show configuration” for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type “help”.
Type “apropos word” to search for commands related to “word”…
Reading symbols from challenge11…(no debugging symbols found)…done.
[New LWP 25425]
Core was generated by `./challenge11 �����������������������������������������1�Ph//shh/bin��PS���
A’.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0xffffd67a in ?? ()

在调试的时候需要注意ASLR是否关闭,不然调试core文件的时候会遇到cannot access memory的错误:

通过修改 /proc/sys/kernel/randomize_va_space  来开关ASLR功能

值为2的时候开启,0的时候关闭

感谢我昊的帮助,他还推荐了sysdig,回头我再研究研究

 

参考文章:

The Core Pattern (core_pattern), or how to specify filename and path for core dumps

http://blog.csdn.net/white_eyes/article/details/7169199

About the Author

admin

Leave a Reply

Your email address will not be published. Required fields are marked *