0

I'm having a problem analyzing core dump with gdb. I'm not able to view the contents of any structure in my C code. When I use:

print myStruct->val

I get

Cannot access memory at address 0x2031b860

Or

print *myStruct

I get the same error.

This happens when I try to print content from every other structure in the code. But when I try to print a local variable which is in a function, it prints ok.

The sequence of commands executed was:

gdb ./myApp ./core
(gdb)bt
.
.
.
#25 0x0868b276 in ikev2_check_icv (ike_sa=0x2031b860, packet=0x2031a950) at ikev2_payload.c:460
.
.
(gdb) frame 25
(gdb) print ike_sa
$1 = (struct ikev2_sa *) 0x2031b860
(gdb) print *ike_sa
Cannot access memory at address 0x2031b860
(gdb)

So my question is, does core dump catch memory blocks allocated with malloc? Not just stack frame memory, as it seems from this example.

I'm running this on Linux 2.6.32.45-0.3-xen x86_64

Improve this question
4
  • 3
    The fact that you cannot access the memory may be the cause for the core dump. Use the stack trace to see where the pointer to structure comes from. Or use Valgrind to track uninitialised data. Commented Nov 6, 2014 at 14:32
  • Sorry, but it's not the case. The core dump is because of another issue. I know where the crash happens, this is just for competence build up in using gdb. As I said, I'm not able to see the content of other structures in the code. It's a big code, but I'm pretty sure that the struct in this example got allocated and initialized properly. Commented Nov 6, 2014 at 14:46
  • malloc'ed memory ought to be in the core dump, if the corefile ulimit didn't cause the core dump to be truncated before the data for that part of the heap was dumped. Run info files in gdb and see if the core dump file mappings have an address range that includes 0x2031b860. Commented Nov 6, 2014 at 18:37
  • you're right Mark, (gdb) print ike_sa $1 = (struct ikev2_sa *) 0x20331880 (gdb) info files 0x20000000 - 0x20000000 is load4 As for the other struct I can't see. (gdb) print packet $3 = (rc_vchar_t *) 0x20329ec0 Also falls in this range. Does this mean that these structures were not allocated properly? Commented Nov 7, 2014 at 10:11

1 Answer 1

Reset to default
0

So my question is, does core dump catch memory blocks allocated with malloc? Not just stack frame memory, as it seems from this example.

That is correct.

The symptoms you observe usually indicate that your core is truncated.

That can happen when your ulimit -c is too low, or when you run out of disk space writing it.

Another possibility is that your core got damaged in transfer if you e.g. FTP'd it over from one machine to another for analysis.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

hi, I didn't ftp the file, ulimit -c shows, unlimited...and I have 53G available space on my disk. Could there be another reason?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.