gdb

1. ulimit -c unlimited # <- coreをはかせるように設定する。
2. ./hello
[indou@std tstPrg027]$ ./hello
セグメンテーション違反です
[indou@std tstPrg027]$
3. gdb hello core.10123

[indou@std tstPrg027]$ gdb hello core.10123
GNU gdb Red Hat Linux (6.3.0.0-1.153.el4_6.2rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db
library "/lib/tls/libthread_db.so.1".

Core was generated by `./hello'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
#0 0x00ae34a6 in strcpy () from /lib/tls/libc.so.6 # <- strcpyで止まっている。
(gdb) where # <- 関数呼び出しの状態を確認
#0 0x00ae34a6 in strcpy () from /lib/tls/libc.so.6
#1 0x080483d3 in main (argc=1, argv=0xbfe992b4) at hello.c:6
(gdb) up # <- strcpyの中で止まっているので、-gオプション付きでコンパイルされてないため、一つ上へ
#1 0x080483d3 in main (argc=1, argv=0xbfe992b4) at hello.c:6
6 strcpy(ptr, "hello, world\n");
(gdb) l 6
1 #include
2 #include
3 #include
4 int main(int argc, char *argv[]) {
5 char *ptr = NULL;
6 strcpy(ptr, "hello, world\n");
7 printf("%s", ptr);
8 return EXIT_SUCCESS;
9 }
(gdb) p ptr　# <- NULLポインタへの書き込み
$1 = 0x0
(gdb) quit
[indou@std tstPrg027]$

Electric Fence

Electric Fence
[indou@std tstPrg029]$ cat mem.c
#include
#include
#include
int main(int argc, char *argv[]) {
char *buf;
int i;
buf = (char *)malloc(10);
for (i = 0; i < 20; i++) {
fprintf(stderr, "%d\n", i);
buf[i] = i;
}
return 0;
}
[indou@std tstPrg029]$ ./mem
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
[indou@std tstPrg029]$ LD_PRELOAD=/usr/lib/libefence.so ./mem # <- プリロード

Electric Fence 2.2.0 Copyright (C) 1987-1999 Bruce Perens <bruce@perens.com>
0
1
2
3
4
5
6
7
8
9
10
11
12
セグメンテーション違反です
[indou@std tstPrg029]$ export EF_ALIGNMENT=1 # <-- 4byte単位の境界合わせをしない
[indou@std tstPrg029]$ LD_PRELOAD=/usr/lib/libefence.so ./mem

Electric Fence 2.2.0 Copyright (C) 1987-1999 Bruce Perens <bruce@perens.com>
0
1
2
3
4
5
6
7
8
9
10
セグメンテーション違反です
[indou@std tstPrg029]$
[indou@std tstPrg029]$ export EF_PROTECT_BELOW=1
[indou@std tstPrg029]$ ./mem2
2
1
0
-1
-2
[indou@std tstPrg029]$ LD_PRELOAD=/usr/lib/libefence.so ./mem2

Electric Fence 2.2.0 Copyright (C) 1987-1999 Bruce Perens <bruce@perens.com>
2
1
0
-1
セグメンテーション違反です
[indou@std tstPrg029]$ unset EF_PROTECT_BELOW
[indou@std tstPrg029]$ LD_PRELOAD=/usr/lib/libefence.so ./mem2

Electric Fence 2.2.0 Copyright (C) 1987-1999 Bruce Perens <bruce@perens.com>
2
1
0
-1
-2
[indou@std tstPrg029]$

mtrace

[indou@std tstPrg030]$ cat free.c
#include
#include
#include
#include
int main() {
char *buf1, *buf2;
mtrace();
buf1=(char *)malloc(10);
buf2=(char *)malloc(10);
free(buf1);
muntrace();
return EXIT_SUCCESS;
}
[indou@std tstPrg030]$
[indou@std tstPrg030]$ ./free
[indou@std tstPrg030]$ ls -l
合計 20
-rw-r--r-- 1 indou users 507 2月 26 01:03 Makefile
-rwxr-xr-x 1 indou users 6212 2月 26 01:03 free
-rw-r--r-- 1 indou users 225 2月 26 01:02 free.c
-rw-r--r-- 1 indou users 2480 2月 26 01:03 free.o
[indou@std tstPrg030]$ export MALLOC_TRACE=./free.dat
[indou@std tstPrg030]$ ./free
[indou@std tstPrg030]$ ls -l
合計 24
-rw-r--r-- 1 indou users 507 2月 26 01:03 Makefile
-rwxr-xr-x 1 indou users 6212 2月 26 01:03 free
-rw-r--r-- 1 indou users 225 2月 26 01:02 free.c
-rw-r--r-- 1 indou users 121 2月 26 01:03 free.dat
-rw-r--r-- 1 indou users 2480 2月 26 01:03 free.o
[indou@std tstPrg030]$ mtrace free free.dat

Memory not freed:
-----------------
Address Size Caller
0x0989c388 0xa at /home/indou/src/c/tstPrg030/free.c:9
[indou@std tstPrg030]$ sed -n "9p" free.c
buf2=(char *)malloc(10);
[indou@std tstPrg030]$