Corefile Dump

背景

在程序不寻常退出时，内核会在当前工作目录下生成一个core文件（是一个内存映像，同时加上调试信息）。使用gdb来查看core文件，可以指示出导致程序出错的代码所在文件和行数。

core文件的生成开关和大小限制

• 使用ulimit -c命令可查看core文件的生成开关。若结果为0，则表示关闭了此功能，不会生成core文件。
• 使用ulimit -c filesize命令，可以限制core文件的大小（filesize的单位为KB）。若ulimit -c unlimited，则表示core文件的大小不受限制。如果生成的信息超过此大小，将会被裁剪，最终生成一个不完整的core文件。在调试此core文 件的时候，gdb会提示错误。

永久设置corefile大小 4G

需重启服务器才能生效！

echo " * soft core 4194304" >> /etc/security/limits.conf
echo " * hard core 4194304" >> /etc/security/limits.conf


#It does not affect resource limits of the system services.
#
#Also note that configuration files in /etc/security/limits.d directory,
#which are read in alphabetical order, override the settings in this
#file in case the domain is the same or more specific.
#That means for example that setting a limit for wildcard domain here
#can be overriden with a wildcard setting in a config file in the
#subdirectory, but a user specific setting here can be overriden only
#with a user specific setting in the subdirectory.
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - a user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open file descriptors
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit (KB)
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#        - nice - max nice priority allowed to raise to values: [-20, 19]
#        - rtprio - max realtime priority
#
#<domain>      <type>  <item>         <value>
#

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4

core文件生成路径

默认在输入可执行文件运行命令的同一路径下。若系统生成的core文件不带其它任何扩展名称，则全部命名为core。新的core文件生成将覆盖原来的core文件。

• /proc/sys/kernel/core_uses_pid可以控制core文件的文件名中是否添加pid作为扩展。文件内容为1，表示添加pid作为扩展名，生成的core文件格式为core.xxxx；为0则表示生成的core文件同一命名为core。

• proc/sys/kernel/core_pattern可以控制core文件保存位置和文件名格式。
  以下是参数列表:

  1. %p - insert pid into filename 添加pid
  2. %u - insert current uid into filename 添加当前uid
  3. %g - insert current gid into filename 添加当前gid
  4. %s - insert signal that caused the coredump into the filename 添加导致产生core的信号
  5. %t - insert UNIX time that the coredump occurred into filename 添加core文件生成时的unix时间
  6. %h - insert hostname where the coredump happened into filename 添加主机名
  7. %e - insert coredumping executable name into filename 添加命令名

案例

将core文件添加pid作为扩展名，存放到/data/corefile/

echo 1 |tee /proc/sys/kernel/core_uses_pid
echo "/data/corefile/core_%e_%t" |tee /proc/sys/kernel/core_pattern