This is the mail archive of the
gdb@sourceware.org
mailing list for the GDB project.
Re: Custom core file
- From: Nikolay Martyanov <nmartyanov at ptsecurity dot com>
- To: <gdb at sourceware dot org>
- Date: Wed, 28 Sep 2016 18:03:03 +0300
- Subject: Re: Custom core file
- Authentication-results: sourceware.org; auth=none
- References: <fb396495-657e-1429-d773-f302171ae3b7@ptsecurity.com>
<http://www.securitylab.ru/>Thanks for response!
> Then in the same python script execute dump/restore commands to load
these into memory
I have tried to use "dump/restore" approach, but there is an issue.
When you use a restore command, you should already be in a context of
debugging process.
I tried it like this:
1. Run GDB
2. Load symbols with `file core.so`
3. Try to shove memory with `restore raw_mem.dump`
After that I have message: `You can't do that without a process to debug.`
So, I guess, dump/restore approach works only in two cases:
a) debugging live process you have attached to (it's not my case, as I
perform postmortem debug)
b) already has loaded core file, which provides a context via saved CPU
state - and it is the way I chose to follow.
Am I wrong in my guesses?
Thanks,
Nikolay