In the operation and maintenance of computer systems, we often encounter dmp files generated due to abnormal program or system crashes . At this time, we need to parse the dmp file to find the cause of the exception. In Linux systems, there are many excellent dmp file viewer tools. This article will introduce several of them and explain in detail how to use them to analyze dmp files.
1. What is a dmp file?
The dmp file refers to the crash dump file in the Windows operating system. Its function is to regularly and automatically dump the memory, register status and stack information owned by the process to the hard disk as a crash log when an application or operating system crashes. , so that it can be used later to analyze the cause of the program crash.
In the Linux system, due to its open source code characteristics, when the system crashes, it will automatically contain enough debugging information. Generally, there is no need to manually dump the dmp file, but in some special cases, we may also need to manually dump the dmp file. dmp file to get more information about system exceptions.
2. Analysis of dmp files
For the analysis of DMP files, we need to use specialized tools to view and analyze the information recorded in the DMP files to quickly locate problems and propose solutions.
In Linux systems, there are many tools that can be used for analysis of DMP files, including regular text editors and debuggers, as well as some specialized DMP file viewers. We’ll detail a few of these commonly used tools below.
1、GDB
GDB is an excellent debugger that can be used for various debugging tasks in Linux systems. When processing a dmp file, we can use GDB to read the information in the file and display relevant memory, registers, call stack and other information to help us quickly locate the cause of the program crash.
When using GDB to process dmp files, you need to run the following command:
gdb -c dmp_file_name
Among them, dmp_file_name is the name of the dmp file that needs to be processed. After running the above command, you can use various commands that come with GDB to view the information written in the dmp file to diagnose the problem.
2、objdump
objdump is a commonly used disassembly tool that can be used to view the binary code in the program . When processing a dmp file, we can use objdump to view the call stack information in the dmp file and locate the crashed code line and the corresponding binary instruction to help resolve the exception.
When using objdump to process dmp files, you need to run the following command:
objdump –dwarf=dump -r dmp_file_name
Among them, dmp_file_name is the name of the dmp file that needs to be processed. After running the above command, you can view the call stack information and code lines in the dmp file to analyze the cause of the program crash.
3、pstack
pstack is a lightweight stack tracing tool that can be used to view the call stack information of a program while it is running. When processing dmp files, we can use pstack to view the call stack information in the dmp file, and then analyze the cause of the program crash.
When using pstack to process dmp files, you need to run the following command:
pstack dmp_file_name
Among them, dmp_file_name is the name of the dmp file that needs to be processed. After running the above command, you can view the call stack information in the dmp file and find out why the program crashed.
3. Recommended dmp file viewer under Linux
In addition to the tools mentioned above, there are many excellent dmp file viewers available for Linux systems. These tools can directly read the information in the dmp file and provide a graphical interface for user convenience.
1、crash
crash is a crash dump analysis tool based on the Linux kernel, which can be used to read and analyze information in dmp files. Since it runs directly on the kernel, it can quickly process large amounts of information in dmp files.
When using crash to analyze dmp files, you can use the following commands:
crash vmcore_path
Among them, vmcore_path is the path of the dmp file that needs to be analyzed. After running the above command, you can use the crash command to view the information in the dmp file and analyze the cause of the program crash.
2、core
gcore is a crash dump tool based on the GNU tool chain, which can be used to generate program dmp files in Linux systems. In addition to generating dmp files, it can also be used to analyze the information in dmp files to help locate problems.
When using gcore to generate a dmp file, you need to run the following command:
gcore pid
Among them, pid is the process ID of the program that needs to crash. After running the above command, a dmp file named core.pid will be generated in the current directory. We can use other tools to view and analyze the information in the file.
3、strace
strace is a tool based on system call tracing, which can be used to track the system call process of a program during runtime and generate corresponding log files. When processing dmp files, we can use strace to trace the system calls while the program is running to find the cause of the crash.
When using strace to process dmp files, you need to run the following command:
strace -o output_file_name -ff -s99999 -p pid
Among them, pid is the process ID of the program that needs to be traced, and output_file_name is the name of the log file that needs to be output. After running the above command, a log file named output_file_name.pid will be generated, and we can use other tools to view and analyze the information in the file.
4. Summary
Through the above introduction, we can see that there are many excellent dmp file viewers in Linux systems that can be used to analyze the reasons for program crashes. Users can choose different tools to process dmp files according to their own needs, quickly locate problems and propose solutions. In practical applications, we recommend that users choose the most suitable tool to process DMP files based on their experience and skill level.
Reprinted from: Essential for parsing dmp files, recommended viewer under linux (dmp linux viewer) - database operation and maintenance technical services