Core dump file analysis

Dew picture Dew · Feb 25, 2011 · Viewed 601.7k times · Source

What are all the things I will need to check while analyzing a core dump file?

Please tell me from scratch.

Answer

Michael Aaron Safyan picture Michael Aaron Safyan · Feb 25, 2011

You just need a binary (with debugging symbols included) that is identical to the one that generated the core dump file. Then you can run gdb path/to/the/binary path/to/the/core/dump/file to debug it.

When it starts up, you can use bt (for backtrace) to get a stack trace from the time of the crash. In the backtrace, each function invocation is given a number. You can use frame number (replacing number with the corresponding number in the stack trace) to select a particular stack frame.

You can then use list to see code around that function, and info locals to see the local variables. You can also use print name_of_variable (replacing "name_of_variable" with a variable name) to see its value.

Typing help within GDB will give you a prompt that will let you see additional commands.