Tuesday, March 22, 2016

Core Dump : part 2


In the last post we looked at GDB and bt. In this post we will work through one or two more functions.

So let's look at the code below.

#include <stdio.h>
#include <stdlib.h>

void voldemort(int *);

int main()
{
   int *hp;
   hp = (int *)malloc(sizeof(int) * 1);
   free(hp);        /* first free: fine */
   voldemort(hp);   /* hp is now dangling; passing it on is the bug */
   return 0;
}

void voldemort(int *hp)
{
  free(hp);         /* second free of the same block: glibc aborts here */
}

On running it I got the error below:

*** Error in `./crash': double free or corruption (fasttop): 0x0a04b008 ***
Aborted (core dumped)

This is my gdb bt output:

#0  0xb76df424 in __kernel_vsyscall ()
#1  0xb7548827 in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#2  0xb754bc53 in __GI_abort () at abort.c:89
#3  0xb7583993 in __libc_message (do_abort=do_abort@entry=1,
    fmt=fmt@entry=0xb7680a5c "*** Error in `%s': %s: 0x%s ***\n")
    at ../sysdeps/posix/libc_fatal.c:175
#4  0xb758de7a in malloc_printerr (action=<optimized out>,
    str=0xb7680c20 "double free or corruption (fasttop)", ptr=0xa04b008)
    at malloc.c:4996
#5  0xb758eaed in _int_free (av=0xb76c5420 <main_arena>,
    p=<optimized out>, have_lock=0) at malloc.c:3840
#6  0x08048491 in voldemort ()
#7  0x0804847e in main ()

As we can see at frame #4, the double free has been detected (malloc_printerr prints the "double free or corruption" message). The frames below it (#5 and so on) are system library functions called on our behalf; the first frame that belongs to our own code is voldemort, called from main.

So we have found the function in which the error occurred.


One more example:

#include <stdio.h>
#include <stdlib.h>

void voldemort(int *);

int main()
{
   int *hp;
   hp = (int *)malloc(sizeof(int) * 1);
   voldemort(hp);
  // free(hp);      /* never freed: hp leaks, but that is not the crash */
   return 0;
}

void voldemort(int *hp)
{
  int *temp;
  temp = hp;
  *temp = 2;        /* valid write through the heap block */
  hp = NULL;
  *hp = 10;         /* write through a NULL pointer: SIGSEGV here */
}

On running this I got:

Segmentation fault (core dumped)

The gdb bt output is:

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x08048463 in voldemort ()
(gdb) bt
#0  0x08048463 in voldemort ()
#1  0x08048442 in main ()


So as you can see, with a different type of signal the information changes a bit.

Now we know voldemort is the bad guy causing the crash, so we need to inspect voldemort in detail.
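Both crashes come from the same class of mistake: using a pointer after its meaning has changed (freed in the first example, set to NULL in the second). As an added example, not code from the original post, here are hardened versions of both flows, written so the program reports the problem and carries on instead of aborting. The helper names safe_free, voldemort_safe, demo_double_free and demo_null_write are this example's own.

```c
#include <stdio.h>
#include <stdlib.h>

/* Free the block and clear the caller's pointer variable. A second call on
 * the same variable then passes NULL to free(), which the C standard defines
 * as a no-op, so the "double free or corruption (fasttop)" abort from the
 * first example cannot happen. (Helper name is this example's own.) */
void safe_free(int **pp)
{
    if (pp == NULL)
        return;
    free(*pp);
    *pp = NULL;
}

/* Hardened counterpart of the post's voldemort(): check the pointer before
 * writing through it and report failure instead of faulting with SIGSEGV.
 * Returns 0 on success, -1 if hp is NULL. */
int voldemort_safe(int *hp)
{
    if (hp == NULL) {
        fprintf(stderr, "voldemort_safe: refusing to write through NULL\n");
        return -1;
    }
    *hp = 10;
    return 0;
}

/* Same control flow as the first example (release in the caller, then again
 * in the callee), but through safe_free. Returns 1 if the program survived
 * both calls with the pointer cleared, 0 otherwise. */
int demo_double_free(void)
{
    int *hp = malloc(sizeof(int));
    if (hp == NULL)
        return 0;
    safe_free(&hp);   /* first release: frees the block, hp becomes NULL */
    safe_free(&hp);   /* second release: free(NULL), harmless */
    return hp == NULL;
}

/* Same control flow as the second example, but the write through a NULL
 * pointer is refused instead of crashing. Returns the value left in the
 * heap block (10) on the expected path, or -1 if anything went wrong. */
int demo_null_write(void)
{
    int *hp = malloc(sizeof(int));
    if (hp == NULL)
        return -1;
    int *temp = hp;
    *temp = 2;                          /* valid write, as in the original */
    if (voldemort_safe(hp) != 0) {      /* valid pointer: stores 10 */
        free(hp);
        return -1;
    }
    int stored = *hp;
    int rc = voldemort_safe(NULL);      /* the original's fatal step, now refused */
    free(hp);
    return (rc == -1) ? stored : -1;
}

int main(void)
{
    printf("double free demo survived: %d\n", demo_double_free());
    printf("null write demo stored: %d\n", demo_null_write());
    return 0;
}
```

Build it the same way as the post's crash.c (gcc -g -o safe safe.c) and it runs to completion with no core dump. One caveat worth keeping in mind: clearing the pointer after free only protects that one variable. The original voldemort() kept a copy in temp, and a copy like that is not cleared by safe_free, so the idiom reduces double-free and use-after-free mistakes but does not make every alias safe.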


If you have noticed, in front of every function there is a number: the frame number. To go inside a function we pass that number to the frame command. For example, to go inside voldemort, type the following in gdb:

(gdb) frame 0        // selects this frame; further gdb commands such as list and info locals then apply to it

But when I typed it, I ran into an error, 'SYMBOL table info not available'. This is because at build time I had not enabled the debug option.

So I need to enable it, as below. crash.c is my .c file name and crash will be the name of my executable:

> gcc -g -o crash crash.c

Now when I run ./crash, it crashes as expected. Then I ran gdb on it again.

It automatically gave me the line number where the crash is happening. AWESOME

#0  0x08048463 in voldemort (hp=0x0) at crash.c:20
#1  0x08048442 in main () at crash.c:10

But to continue our tutorial, let's select this frame:

(gdb) frame 0        // select frame 0 (the crashing function)
(gdb) list           // list the function's source code
(gdb) info locals    // show the local variables and their values

For my function, the details are below:


(gdb) frame 0
#0  0x08048463 in voldemort (hp=0x0) at crash.c:20
20  *hp=10;
(gdb) list
15 {
16  int *temp;
17  temp = hp;
18  *temp=2;
19  hp=NULL;
20  *hp=10;
21
22
23 }
(gdb) info locals
temp = 0xa04b008
(gdb)

Now we have seen how to debug a crash dump using gdb.
To quit gdb, simply type q.

But there is still a lot more to debug, such as what the memory addresses are and what values are stored in them.
That is useful when the program is not crashing but the answer is not what we expected.

We will see that in further tutorials.
