一、打開core文件限制
a.sudo vi /etc/profile
b.文件末尾添加ulimit -c unlimited
source /etc/profile
把文件重新加載到內存
c.root@ubuntu:~/code# ulimit -c
unlimited
說明core文件限制已經去除。
注意:core文件保存了進程崩潰時的內存內容,可能帶有密鑰、口令等敏感數據;寫在/etc/profile中的設置會對所有登錄用戶生效,調試完成後建議恢復原來的限制,並清理不再需要的core文件。
二、讓core文件生成在進程當前目錄
(需要root權限。模式中%e為程序名,%p為進程號,%t為生成時間戳。此設置重啓後失效,如需持久化可在/etc/sysctl.conf中設置kernel.core_pattern。)
echo "core-%e-%p-%t" > /proc/sys/kernel/core_pattern
三、寫一個同一塊內存釋放兩次引起coredump的例子定位並解決
a.編寫err.cpp代碼如下,同一塊內存釋放了兩次。
root@ubuntu:~/code# cat err.cpp
#include<cstdlib>
using namespace std;
// Frees p when it is non-NULL.
// NOTE: the NULL check cannot detect a pointer that was already freed. free()
// does not change the caller's pointer value, so a dangling pointer is still
// non-NULL and passing it here frees the same block again (double free, CWE-415).
void repeatFree(char *p)
{
if(NULL != p)
{
free(p);
}
}
// Deliberately releases the same heap block twice to demonstrate a double free.
int main()
{
char* pstr =(char*) malloc(1024);
free(pstr); // first release: pstr now dangles but still holds the old address
repeatFree(pstr); // second release of the same block: undefined behavior (heap corruption)
}
b.g++ -o err err.cpp
編譯生成err可執行文件。(這裏沒有加-g選項,所以後面gdb會提示no debugging symbols found;加上-g編譯後,堆棧中還能看到源文件名和行號。)
c. ./err
root@ubuntu:~/code# ./err
*** Error in `./err': double free or corruption (top): 0x0000000001911010 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x77725)[0x7fbe4039f725]
/lib/x86_64-linux-gnu/libc.so.6(+0x7ff4a)[0x7fbe403a7f4a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7fbe403ababc]
./err[0x400585]
./err[0x4005b6]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0)[0x7fbe40348830]
./err[0x400499]
======= Memory map: ========
00400000-00401000 r-xp 00000000 08:01 398325 /root/code/err
00600000-00601000 r--p 00000000 08:01 398325 /root/code/err
00601000-00602000 rw-p 00001000 08:01 398325 /root/code/err
01911000-01932000 rw-p 00000000 00:00 0 [heap]
7fbe3c000000-7fbe3c021000 rw-p 00000000 00:00 0
7fbe3c021000-7fbe40000000 ---p 00000000 00:00 0
7fbe40112000-7fbe40128000 r-xp 00000000 08:01 791701 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fbe40128000-7fbe40327000 ---p 00016000 08:01 791701 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fbe40327000-7fbe40328000 rw-p 00015000 08:01 791701 /lib/x86_64-linux-gnu/libgcc_s.so.1
7fbe40328000-7fbe404e8000 r-xp 00000000 08:01 791663 /lib/x86_64-linux-gnu/libc-2.23.so
7fbe404e8000-7fbe406e7000 ---p 001c0000 08:01 791663 /lib/x86_64-linux-gnu/libc-2.23.so
7fbe406e7000-7fbe406eb000 r--p 001bf000 08:01 791663 /lib/x86_64-linux-gnu/libc-2.23.so
7fbe406eb000-7fbe406ed000 rw-p 001c3000 08:01 791663 /lib/x86_64-linux-gnu/libc-2.23.so
7fbe406ed000-7fbe406f1000 rw-p 00000000 00:00 0
7fbe406f1000-7fbe40717000 r-xp 00000000 08:01 791635 /lib/x86_64-linux-gnu/ld-2.23.so
7fbe408fb000-7fbe408fe000 rw-p 00000000 00:00 0
7fbe40913000-7fbe40916000 rw-p 00000000 00:00 0
7fbe40916000-7fbe40917000 r--p 00025000 08:01 791635 /lib/x86_64-linux-gnu/ld-2.23.so
7fbe40917000-7fbe40918000 rw-p 00026000 08:01 791635 /lib/x86_64-linux-gnu/ld-2.23.so
7fbe40918000-7fbe40919000 rw-p 00000000 00:00 0
7ffe51f1b000-7ffe51f3c000 rw-p 00000000 00:00 0 [stack]
7ffe51ff4000-7ffe51ff6000 r--p 00000000 00:00 0 [vvar]
7ffe51ff6000-7ffe51ff8000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted (core dumped)
產生了core文件
root@ubuntu:~/code# ll
total 168
drwxr-xr-x 2 root root 4096 Mar 9 18:20 ./
drwx------ 10 root root 4096 Mar 9 18:18 ../
-rw------- 1 root root 544768 Mar 9 18:20 core-err-9665-1489112441
-rwxr-xr-x 1 root root 8696 Mar 9 18:20 err*
-rw-r--r-- 1 root root 185 Mar 9 18:18 err.cpp
d.gdb ./err core-err-9665-1489112441
執行「gdb 可執行程序 core文件」,然後在gdb裏面輸入where查看調用堆棧
root@ubuntu:~/code# gdb ./err core-err-9665-1489112441
GNU gdb (Ubuntu 7.11-0ubuntu1) 7.11
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./err...(no debugging symbols found)...done.
[New LWP 9665]
Core was generated by `./err'.
Program terminated with signal SIGABRT, Aborted.
#0 0x00007fbe4035d418 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
54../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) where
#0 0x00007fbe4035d418 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1 0x00007fbe4035f01a in __GI_abort () at abort.c:89
#2 0x00007fbe4039f72a in __libc_message (do_abort=do_abort@entry=2, fmt=fmt@entry=0x7fbe404b86b0 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/posix/libc_fatal.c:175
#3 0x00007fbe403a7f4a in malloc_printerr (ar_ptr=<optimized out>, ptr=<optimized out>, str=0x7fbe404b87a0 "double free or corruption (top)", action=3) at malloc.c:5007
#4 _int_free (av=<optimized out>, p=<optimized out>, have_lock=0) at malloc.c:3868
#5 0x00007fbe403ababc in __GI___libc_free (mem=<optimized out>) at malloc.c:2969
#6 0x0000000000400585 in repeatFree(char*) ()
#7 0x00000000004005b6 in main ()
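通過調用堆棧就能發現程序死在repeatFree(char*)函數裏面(由main調用),重複釋放了同一塊內存。
解決辦法是保證每塊內存只釋放一次:例如在main中free(pstr)之後立即把pstr置為NULL,這樣repeatFree裏的NULL判斷才會生效,不會再次調用free。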