Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Restoring program state from a core file

Tags:

gdb

coredump

Is it possible, under any circumstances, to restore the state of a program to what it was during the generation of a core file?

The reason I ask is that in order to take advantage of gdb's ability to execute functions and so forth you need to have a running instance. Surely it should be possible to produce a mock process of the same executable with the state set to be the contents of the core?

If not what alternatives are there for the sort of situation that made me want to do this in the first place? In this case the back-trace of the core led to a library function and I wanted to replicate the inputs to this function call but one of the inputs is was complex object which could easily be serialized to a string with a function call in a running instance but not so in a core dump.

like image 872
cyborg Avatar asked Dec 18 '09 20:12

cyborg

People also ask

How do I read a core dump file?

While it is running, press Ctrl + \ to force a core dump. You'll now see a core file in the directory you are in.

What is in a core file?

Core files are created when a program encounters a run-time error. It is an image of the memory used by the program, and debuggers such as gdb can access it to find out the state of the program at the time of the error.

How do I debug a core dump?

You just need a binary (with debugging symbols included) that is identical to the one that generated the core dump file. Then you can run gdb path/to/the/binary path/to/the/core/dump/file to debug it. When it starts up, you can use bt (for backtrace) to get a stack trace from the time of the crash.

3 Answers

It is theoretically possible to do exactly what you want, but (AFAICT) there is no support for this in GDB (yet).

Your best bet is to use GDB-7.0 and use its embedded python scripting to re-implement the serialization function.

like image 88
Employed Russian Avatar answered Dec 31 '22 18:12

Employed Russian

That's what a core file does already? If you load gdb with the original executable and the core file 

gdb myprogram.exe -c mycorefile

Then it'll go to the point at where it crashed. You can use all the normal inspection functionality to view the variables, see the stack trace and so on.

Or have I misunderstood your question?

like image 33
Jeff Foster Avatar answered Dec 31 '22 19:12

Jeff Foster

In case it's useful to someone, I've implemented a Python module to do just that: call functions in a core file (by emulating the CPU).

It's called EmuCore.
I've successfully used it on very complex functions, example serializing a GStreamer pipeline graph.

Note that it still has important limitations such as:

  • only x64 Linux
  • the function can't call the OS (to e.g. read files)
  • function arguments can't be floats

See README for more info.

like image 42
Alba Mendez Avatar answered Dec 31 '22 19:12

Alba Mendez
Sign in to Comment

Related questions

Cannot reproduce segfault in gdb
Debug fork() in eclipse cdt
How to handle all signals in GDB
gdb step not working as expected
C++: Do I need GCC and GDB with the same version to debug
The address where filename has been loaded is missing [GDB]
Can't step into string.h function with GDB
Overload symbols of running process (LD_PRELOAD attachment)
Can gdb automatically attach a process on a SIGSEGV
Displaying each assembly instruction executed in gdb
How to re-run program in GDB several times?
Unable to install GDB with python support
Displaying dereferenced STL iterators in gdb
Print characters from a void* in gdb
How to single step ARM assembly in GDB on QEMU?
What is the cause for “panic: free from wrong pool during global destruction.” in Term::ReadLine::Gnu?
Cannot Debug Shared Library - Symbols Not Loading Properly
Android Native debug (ndk-gdb) on HTC Desire: run-as flaw?
GDB-Python scripting: any samples iterating through C/C++ struct fields
Why would gdb hang?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!