This is the mail archive of the
mailing list for the GDB project.
Re: Custom core file
- From: Duane Ellis <duane at duaneellis dot com>
- To: Nikolay Martyanov <nmartyanov at ptsecurity dot com>
- Cc: gdb at sourceware dot org
- Date: Wed, 28 Sep 2016 07:27:40 -0700
- Subject: Re: Custom core file
- Authentication-results: sourceware.org; auth=none
- References: <email@example.com>
> I have a self-written bare-metal hypervisor for x86 arch and I'd like to perform postmortem debugging of it's core (not VM, hypervisor itself!).
> So the idea is to save physical memory state and later use GDB to interpret it.
> Or may be there are any other ways to feed a raw physical memory to GDB?
here’s a method
GDB has a built in Python interpreter.
GDB has commands such as “dump” and “restore” that allow you to copy a binary file into memory.
Thus - you can use a bit of python to extract your custom core dump
For example you might use Python to unpack your custom core file into various temp binary files
Then in the same python script execute dump/restore commands to load these into memory
See: restore FILENAME binary …..