Analyzing Segmentation Faults (double free) on Linux, Part 2: gdbserver + gdb

1. Introduction

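Some debugging environments have no gdb available, especially certain embedded boards. Such boards sometimes do provide gdbserver, though, and with gdbserver we can still debug the program remotely over the network.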

2. Starting gdbserver on the board

[root@EPC-M6G2C ~]# gdbserver :12345 double_free_main_arm 
Process double_free_main_arm created; pid = 325
Listening on port 12345
Remote debugging from host 192.168.1.142
Killing all inferiors
[root@EPC-M6G2C ~]# gdbserver :12345 double_free_main_arm 
Process double_free_main_arm created; pid = 329
Listening on port 12345
Remote debugging from host 192.168.1.142
Before set rlimit CORE dump current is:0, max is:0
After set rlimit CORE dump current is:524288000, max is:524288000
*** Error in `double_free_main_arm': double free or corruption (fasttop): 0x00023008 ***

3. Starting gdb on the host

Note that what you start here is not the host's native gdb but the gdb that ships with the cross-compilation toolchain.

root@ubuntu:/Deepinfar/FlyInCoding/SegmentFault/3.coredump# arm-linux-gnueabihf-gdb double_free_main_arm 
GNU gdb (crosstool-NG linaro-1.13.1-4.9-2014.09 - Linaro GCC 4.9-2014.09) 7.6.1-2013.10
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "--host=i686-build_pc-linux-gnu --target=arm-linux-gnueabihf".
For bug reporting instructions, please see:
<https://bugs.launchpad.net/gcc-linaro>...
Reading symbols from /Deepinfar/FlyInCoding/SegmentFault/3.coredump/double_free_main_arm...done.
(gdb) target remote 192.168.1.136
192.168.1.136: No such file or directory.
(gdb) target remote 192.168.1.136:12345
Remote debugging using 192.168.1.136:12345
Reading symbols from /opt/arm-linux-gcc/arm-linux-gnueabihf/libc/lib/ld-linux-armhf.so.3...done.
Loaded symbols for /opt/arm-linux-gcc/arm-linux-gnueabihf/libc/lib/ld-linux-armhf.so.3
0x76fd7a40 in _start () from /opt/arm-linux-gcc/arm-linux-gnueabihf/libc/lib/ld-linux-armhf.so.3
(gdb) c
Continuing.
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
warning: Could not load shared library symbols for 2 libraries, e.g. /usr/lib/arm-linux-gnueabihf/libstdc++.so.6.
Use the "info sharedlibrary" command to see the complete listing.
Do you need "set solib-search-path" or "set sysroot"?

Program received signal SIGABRT, Aborted.
__libc_do_syscall () at ../ports/sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:44
44      ../ports/sysdeps/unix/sysv/linux/arm/libc-do-syscall.S: No such file or directory.
(gdb) bt
#0  __libc_do_syscall () at ../ports/sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:44
#1  0x76db8ebe in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#2  0x76dbb83c in __GI_abort () at abort.c:89
#3  0x76ddff7c in __libc_message (do_abort=2, fmt=<optimized out>) at ../sysdeps/posix/libc_fatal.c:175
#4  0x76de6cac in malloc_printerr (action=3, str=0x76e630bc "double free or corruption (fasttop)", 
    ptr=<optimized out>) at malloc.c:4991
#5  0x76de731a in _int_free (av=<optimized out>, p=<optimized out>, have_lock=0) at malloc.c:3837
#6  0x00011b72 in __gnu_cxx::new_allocator<unsigned char>::deallocate (this=0x7efff770, __p=0x23008 "")
    at /opt/arm-linux-gcc/arm-linux-gnueabihf/include/c++/4.9.2/ext/new_allocator.h:110
#7  0x00011562 in __gnu_cxx::__alloc_traits<std::allocator<unsigned char> >::deallocate (__a=..., 
    __p=0x23008 "", __n=4) at /opt/arm-linux-gcc/arm-linux-gnueabihf/include/c++/4.9.2/ext/alloc_traits.h:185
#8  0x0001113e in std::_Vector_base<unsigned char, std::allocator<unsigned char> >::_M_deallocate (
    this=0x7efff770, __p=0x23008 "", __n=4)
    at /opt/arm-linux-gcc/arm-linux-gnueabihf/include/c++/4.9.2/bits/stl_vector.h:178
#9  0x0001127c in std::_Vector_base<unsigned char, std::allocator<unsigned char> >::~_Vector_base (
    this=0x7efff770, __in_chrg=<optimized out>)
    at /opt/arm-linux-gcc/arm-linux-gnueabihf/include/c++/4.9.2/bits/stl_vector.h:160
#10 0x00010f0c in std::vector<unsigned char, std::allocator<unsigned char> >::~vector (this=0x7efff770, 
    __in_chrg=<optimized out>)
    at /opt/arm-linux-gcc/arm-linux-gnueabihf/include/c++/4.9.2/bits/stl_vector.h:425
#11 0x00010bdc in MyTest2 () at double_free_main.cpp:62
#12 0x00010c0c in main () at double_free_main.cpp:70
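
The backtrace above has the usual shape of a glibc heap-corruption abort: libc frames first, then library template frames, then the application frame. The Python below is an added example, not part of the original post; it parses saved `bt` output and reports glibc's message, the freed pointer and the first application frame. The names `triage`, `parse_frames`, `ALLOC_FUNCS` and `LIB_PREFIXES` and the frame-skipping heuristic are assumptions made for this example.

```python
import re

# Constructed sample: frames #4-#6, #10 and #11 copied from the `bt` output above.
SAMPLE_BT = '''
#4  0x76de6cac in malloc_printerr (action=3, str=0x76e630bc "double free or corruption (fasttop)",
    ptr=<optimized out>) at malloc.c:4991
#5  0x76de731a in _int_free (av=<optimized out>, p=<optimized out>, have_lock=0) at malloc.c:3837
#6  0x00011b72 in __gnu_cxx::new_allocator<unsigned char>::deallocate (this=0x7efff770, __p=0x23008 "")
    at /opt/arm-linux-gcc/arm-linux-gnueabihf/include/c++/4.9.2/ext/new_allocator.h:110
#10 0x00010f0c in std::vector<unsigned char, std::allocator<unsigned char> >::~vector (this=0x7efff770,
    __in_chrg=<optimized out>)
    at /opt/arm-linux-gcc/arm-linux-gnueabihf/include/c++/4.9.2/bits/stl_vector.h:425
#11 0x00010bdc in MyTest2 () at double_free_main.cpp:62
'''

FRAME_RE = re.compile(r'^#(\d+)\s+(?:0x[0-9a-f]+ in )?(.+?) \(')
LOC_RE = re.compile(r'\bat (\S+):(\d+)$')
# Heuristic (assumption): glibc frames that report heap corruption; library namespaces to skip.
ALLOC_FUNCS = {'malloc_printerr', '_int_free'}
LIB_PREFIXES = ('std::', '__gnu_cxx::')

def parse_frames(bt_text):
    """Re-join gdb's wrapped continuation lines and return one dict per frame."""
    joined = []
    for line in bt_text.splitlines():
        if line.startswith('#'):
            joined.append(line.strip())
        elif joined and line.strip():
            joined[-1] += ' ' + line.strip()
    frames = []
    for text in joined:
        m, loc = FRAME_RE.match(text), LOC_RE.search(text)
        if m:
            frames.append({'index': int(m.group(1)), 'func': m.group(2),
                           'file': loc and loc.group(1), 'line': loc and int(loc.group(2))})
    return frames

def triage(bt_text):
    """Return glibc's message, the freed pointer and the first application frame."""
    frames = parse_frames(bt_text)
    flat = ' '.join(bt_text.split())
    msg = re.search(r'malloc_printerr \(.*?str=0x[0-9a-f]+ "([^"]*)"', flat)
    ptr = re.search(r'\b__p=(0x[0-9a-f]+)', flat)
    last_alloc = max((i for i, f in enumerate(frames) if f['func'] in ALLOC_FUNCS), default=None)
    culprit = None
    if last_alloc is not None:  # walk outward from the allocator, skipping library templates
        culprit = next((f for f in frames[last_alloc + 1:]
                        if not f['func'].startswith(LIB_PREFIXES)), None)
    return {'message': msg and msg.group(1), 'freed_ptr': ptr and ptr.group(1), 'culprit': culprit}
```

For a backtrace with no allocator frame (for example a plain SIGSEGV), `culprit` is `None`, so the helper does not mislabel unrelated crashes as heap corruption.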


Reposted from blog.csdn.net/wanxuexiang/article/details/88382689