Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
724 views
in Technique[技术] by (71.8m points)

gdb - Manually generate elf core dump

I am looking for manually generating an ELF Core Dump file.

I have a RAM dump from my program, and can also retrieve register informations and so on.

With this data, I would like to build an ELF core dump file, similar as those generated by Linux kernel when a program crashes, the goal would be to analyse this core dump with a GDB specifically made for my platform.

I have been looking for core dumps specifications or detailed format, but did not find what I wanted :

  • What sections does my core dump file does require ?
  • How are they organized into the ELF container ?
  • How do I go from having a binary RAM dump (+ registers values) to a core dump like file.

This must preferably be done in C, I thought I could use the libelf library to help me build the file, but I did not found relevant information about what to put in that file, and in which format, so any clue, link or advice is welcomed.

Note : This is not about raising exceptions and have the job done by the kernel for me, I can do that, but I really need to gather myself the RAM and register data manually into an elf core dump.

Thanks !

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

I am looking for manually generating an ELF Core Dump file.

Just use Google elf userspace coredumper, it does exactly that.

I want to build my core dump, not implement it directly into my software

There is no existing program (that I know of) that can do that. Chances are, you'll have to write one from scratch, or adapt some other program.

There are two programs that can write a core dump from userspace -- the above userspace coredumper, and GDB (via gcore command). I expect that adapting Google coredumper would be much easier than adapting GDB.

Should you decide to write one from scratch, you can still read the Google coredumper source to figure out what it is you must write to the core.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...