Core dump trigger scenarios
- Segmentation fault (core dumped): this kind is triggered entirely by a page fault.
- Other exceptions, such as Floating point exception (core dumped), are simpler to analyze and are not covered here.
Write a program that triggers a Segmentation fault
/* Write through an arbitrary, unmapped user address to force a page fault */
int main()
{
    *(int*)0x4321 = 0x12345678;
    return 0;
}
View the kernel log
# dmesg
[383873.026755] test[34139]: segfault at 4321 ip 0000000000400589 sp 00007ffcd2c88140 error 6 in test[400000+1000]
This log line is printed by the kernel function show_signal_msg or do_trap. It tells us:
- execution reached 0000000000400589 (ip)
- the faulting memory access was to address 4321
- the sp pointer was 00007ffcd2c88140
- error is 6, i.e. PF_USER|PF_WRITE; see the table below
- the exception was triggered by the program test
/*
* Page fault error code bits:
*
* bit 0 == 0: no page found 1: protection fault
* bit 1 == 0: read access 1: write access
* bit 2 == 0: kernel-mode access 1: user-mode access
* bit 3 == 1: use of reserved bit detected
* bit 4 == 1: fault was an instruction fetch
*/
enum x86_pf_error_code {
PF_PROT = 1 << 0,
PF_WRITE = 1 << 1,
PF_USER = 1 << 2,
PF_RSVD = 1 << 3,
PF_INSTR = 1 << 4,
};
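As an added example (not code from the original post), a small C program that parses a segfault line in the show_signal_msg layout shown above and decodes its error field with the same bit definitions; the line it parses is the one from the dmesg output above.

```c
#include <stdio.h>
#include <string.h>

/* Same bit definitions as the kernel's x86_pf_error_code enum quoted above. */
enum x86_pf_error_code {
    PF_PROT  = 1 << 0,
    PF_WRITE = 1 << 1,
    PF_USER  = 1 << 2,
    PF_RSVD  = 1 << 3,
    PF_INSTR = 1 << 4,
};

struct segfault_info {
    char comm[64];                /* process name, e.g. "test" */
    int pid;
    unsigned long addr, ip, sp;   /* faulting address, instruction pointer, stack pointer */
    unsigned error;               /* page fault error code */
};

/* Parse "comm[pid]: segfault at A ip I sp S error E ..." (optional "[ts]" prefix). Returns 1 on success. */
int parse_segfault_line(const char *line, struct segfault_info *out)
{
    const char *p = line;
    if (*p == '[') { p = strchr(p, ']'); if (!p) return 0; p++; }  /* skip dmesg timestamp */
    while (*p == ' ') p++;
    return sscanf(p, "%63[^[][%d]: segfault at %lx ip %lx sp %lx error %u",
                  out->comm, &out->pid, &out->addr, &out->ip, &out->sp, &out->error) == 6;
}

/* Render the error code as PF_* names, highest bit first: 6 -> "PF_USER|PF_WRITE", 0 -> "0". */
char *pf_flags_string(unsigned err, char *buf, size_t len)
{
    static const char *names[] = { "PF_PROT", "PF_WRITE", "PF_USER", "PF_RSVD", "PF_INSTR" };
    buf[0] = '\0';
    for (int bit = 4; bit >= 0; bit--) {
        if (!(err & (1u << bit))) continue;
        if (buf[0]) strncat(buf, "|", len - strlen(buf) - 1);
        strncat(buf, names[bit], len - strlen(buf) - 1);
    }
    if (!buf[0]) snprintf(buf, len, "0");
    return buf;
}

int main(void)
{
    /* Constructed input: the dmesg line from this post. */
    const char *line = "[383873.026755] test[34139]: segfault at 4321 ip 0000000000400589 sp 00007ffcd2c88140 error 6 in test[400000+1000]";
    struct segfault_info info;
    char flags[64];
    if (!parse_segfault_line(line, &info)) { fprintf(stderr, "unrecognised line\n"); return 1; }
    printf("%s[%d]: %s %s to %#lx at ip %#lx -> %s (%s)\n", info.comm, info.pid,
           (info.error & PF_USER) ? "user-mode" : "kernel-mode",
           (info.error & PF_INSTR) ? "instruction fetch" : (info.error & PF_WRITE) ? "write" : "read",
           info.addr, info.ip, pf_flags_string(info.error, flags, sizeof flags),
           (info.error & PF_PROT) ? "protection fault" : "no page found");
    return 0;
}
```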
Debug the core dump with gdb
(gdb) set disassembly-flavor intel
(gdb) x/5i $pc
=> 0x400589 <main+9>: mov DWORD PTR [rax],0x12345678
0x40058f <main+15>: mov eax,0x0
0x400594 <main+20>: pop rbp
0x400595 <main+21>: ret
0x400596: nop WORD PTR cs:[rax+rax*1+0x0]
(gdb) i r rax
rax 0x4321 17185