如何分析CoreDump文件

如何分析CoreDump文件

CoreDump文件一般位于手机/data/core/目录下，如/data/core/!system!bin!app_process32.8115.QSTileHost

1.使用Eclipse ADT分析coredump

     Eclipse-->Run-->Debug Configurations-->C/C++ Postmortem Debugger 右击New或者双击生成一个New configuration:

Name: 随便取一个标识此次debug的名字

C/C++ Application: /data1/AJ9_3/out/target/product/idol347/symbols/system/bin/app_process32
 (通过查看从手机导出来的coredump文件名，来看具体填哪个bin，本次调试用corefile文件名为!system!bin!app_process32.7740.QSTileHost，很明显就是app_process32 )

Core file: /data1/AJ9_3/coredump/!system!bin!app_process32.7740.QSTileHost
（从手机data/core目录导出来）

GDB debugger： /data1/AJ9_3/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.8/bin/arm-linux-androideabi-gdb

Shared Libraries: /data1/AJ9_3/out/target/product/idol347/symbols/system/lib/
(带symbol的共享库文件)

 

待这以上几项都配置好了，点击Debug，确认OK就可显示crash信息。

点击Yes确认，进入Debug界面：

通过Debug栏依照Thread ID从小到大查看，发现Thread[1] 定位SetTorchBrightness() at torchnative.cpp:157， 发现strcpy()有问题。

2.直接通过gdb工具分析CoreDump定位问题

1)shell终端执行命令:gdb文件 手机可执行程序文件名 core文件名

user@aclgcl-ubnt:/data1/AJ9_3$ ./prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.8/bin/arm-linux-androideabi-gdb out/target/product/idol347/symbols/system /bin/app_process32 ./coredump/\!system\!bin\!app_process32.7740.QSTileHost

3)gdb终端执行命令：set solib-search-patch 共享库位置

(gdb) set solib-search-path out/target/product/idol347/symbols/system/lib/

4)gdb终端执行bt命令查看backstack信息

(gdb) bt

user@aclgcl-ubnt:/data1/AJ9_3$./prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.8/bin/arm-linux-androideabi-gdb out/target/product/idol347/symbols/system
/bin/app_process32 ./coredump/\!system\!bin\!app_process32.7740.QSTileHost
GNU gdb (GDB) 7.6 
Copyright (C) 2013 Free Software Foundation, Inc. 
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> 
This is free software: you are free to change and redistribute it. 
There is NO WARRANTY, to the extent permitted by law.  Type "show copying" 
and "show warranty" for details. 
This GDB was configured as "--host=x86_64-linux-gnu --target=arm-linux-android". 
For bug reporting instructions, please see: 
<http://source.android.com/source/report-bugs.html>... 
Reading symbols from /data1/AJ9_3/out/target/product/idol347/symbols/system/bin/app_process32...done. 

warning: core file may not match specified executable file. 
[New LWP 7804] 
[New LWP 7749] 
[New LWP 7757] 
.
.
.
[New LWP 7740] 
[New LWP 7803] 
[New LWP 7802] 

warning: Could not load shared library symbols for 115 libraries, e.g. /system/bin/linker. 
Use the "info sharedlibrary" command to see the complete listing. 
Do you need "set solib-search-path" or "set sysroot"? 
Core was generated by `com.android.systemui                                                       '. 
Program terminated with signal 11, Segmentation fault. 
#0  0xb6f880b2 in ?? () 
(gdb) set solib-search-path out/target/product/idol347/symbols/system/lib/ 
Reading symbols from /data1/AJ9_3/out/target/product/idol347/symbols/system/lib/libc.so...done. 
Loaded symbols for /data1/AJ9_3/out/target/product/idol347/symbols/system/lib/libc.so 
Reading symbols from /data1/AJ9_3/out/target/product/idol347/symbols/system/lib/libm.so...done. 
.
.
.
Loaded symbols for /data1/AJ9_3/out/target/product/idol347/symbols/system/lib/libmemalloc.so 
Reading symbols from /data1/AJ9_3/out/target/product/idol347/symbols/system/lib/libqdMetaData.so...done. 
Loaded symbols for /data1/AJ9_3/out/target/product/idol347/symbols/system/lib/libqdMetaData.so 
(gdb) bt 
#0  0xb6f880b2 in strcpy () at bionic/libc/arch-arm/cortex-a15/bionic/strcpy.S:81 
#1  0xa5bf26e6 in strcpy (src=0xa5bf299d "TEST", dest=0xa5bf2998 "test") at bionic/libc/include/string.h:119 
#2  SetTorchBrightness (env=<optimized out>, thiz=<optimized out>, brightness=200) at frameworks/base/packages/SystemUI/jni/torchnative.cpp:157 
#3  0x00000024 in ?? () 
#4  0x00000024 in ?? () 
Backtrace stopped: previous frame identical to this frame (corrupt stack?) 
(gdb)

同样定位问题在torchnative.cpp:157 strcpy函数