参考:http://www.cnblogs.com/ahuo/category/72819.html
http://blog.csdn.net/tenfyguo/article/details/8159176
http://blog.csdn.net/ylyuanlu/article/details/9115159
一.进程产生进程coredump
必备条件: ulimit-c x x取值 [,unlimited]
二.生成coredump文件
.指定格与路径生产coredump:需要自已健立mkdir -p /data/coredump目录,并且用户有写权限
echo “/data/coredump/core.%e.%p" > /proc/sys/kernel/core_pattern =========》core.xx.4944
进程 Core_pattern的格式 说明
%% 单个%字符
%p 所dump进程的进程ID
%u 所dump进程的实际用户ID
%g 所dump进程的实际组ID
%s 导致本次core dump的信号
%t core dump的时间 (由1970年1月1日计起的秒数)
%h 主机名
%e 程序文件名
.默认生成格式(程序的当前工作目录,chdir可能改变当前目录,不一定是程序的运行目录)
[root@localhost ~]# cat /proc/sys/kernel/core_pattern
core
文件格式示例:core.
三.示例
gcc -g -Wall xx.c -oxx 有调试符号
[root@localhost ~]# cat -n xx.c
#include <stdio.h>
void func(char *p)
{
*p = 'p';
}
int main(int argc, char *argv[])
{
char *p=NULL;
func(p);
return ;
}
[root@localhost ~]# ./xx
Segmentation fault (core dumped)
[root@localhost ~]# gdb ./xx ./core.
GNU gdb (GDB) 7.7
Copyright (C) Free Software Foundation, Inc.
License GPLv3+: GNU GPL version or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./xx...done.
[New LWP ]
Core was generated by `./xx'.
Program terminated with signal SIGSEGV, Segmentation fault.
# 0x0000000000400454 in func (p=0x0) at xx.c:
*p = 'p';
(gdb) list
#include <stdio.h>
void func(char *p)
{
*p = 'p';
}
int main(int argc, char *argv[])
{
(gdb)
char *p=NULL;
func(p);
return ;
}
(gdb)
Line number out of range; xx.c has lines.
[root@localhost ~]# file core.
core.: ELF -bit LSB core file AMD x86-, version (SYSV), SVR4-style, from 'xx'
[root@localhost ~]# readelf -h core.
ELF Header:
Magic: 7f 4c
Class: ELF64
Data: 's complement, little endian
Version: (current)
OS/ABI: UNIX - System V
ABI Version:
Type: CORE (Core file)
Machine: Advanced Micro Devices X86-
Version: 0x1
Entry point address: 0x0
Start of program headers: (bytes into file)
Start of section headers: (bytes into file)
Flags: 0x0
Size of this header: (bytes)
Size of program headers: (bytes)
Number of program headers:
Size of section headers: (bytes)
Number of section headers:
Section header string table index:
gcc xx.c -oxx 无调试符号
[root@localhost ~]# gdb ./xx ./core.
GNU gdb (GDB) 7.7
Copyright (C) Free Software Foundation, Inc.
License GPLv3+: GNU GPL version or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./xx...(no debugging symbols found)...done.
[New LWP ]
Core was generated by `./xx'.
Program terminated with signal SIGSEGV, Segmentation fault.
# 0x0000000000400454 in func ()
-------------------------------------------------------------------------------
(gdb) list
No symbol table is loaded. Use the "file" command.
(gdb) disas 0x0000000000400454
Dump of assembler code for function func:
0x0000000000400448 <+>: push %rbp
0x0000000000400449 <+>: mov %rsp,%rbp
0x000000000040044c <+>: mov %rdi,-0x8(%rbp)
0x0000000000400450 <+>: mov -0x8(%rbp),%rax
=> 0x0000000000400454 <+>: movb $0x70,(%rax)
0x0000000000400457 <+>: leaveq
0x0000000000400458 <+>: retq
End of assembler dump.
(gdb) bt
# 0x0000000000400454 in func ()
# 0x0000000000400479 in main ()