* Executing code if debuggee is a crash dump?
@ 2021-08-24 10:07 Michael Woerister
2021-08-24 13:50 ` Simon Marchi
2021-08-24 16:09 ` Christian Biesinger
0 siblings, 2 replies; 5+ messages in thread
From: Michael Woerister @ 2021-08-24 10:07 UTC (permalink / raw)
To: gdb
Hi everyone,
I'm looking into implementing debugger extensions that help with
debugging crash dumps of "async" Rust executables. Such an extension
would need to inspect the complex internals of several async runtime
implementations. We could potentially make the extension more robust and
easier to maintain if we provided a standardized inspection API in the
various runtimes and have the debugger interact with that. The functions
behind this API would be restricted to not interact with the environment
(e.g. not allocate memory, etc).
However, my research so far indicates that neither GDB nor any other
debugger is capable of executing code in a crash dump. Is that true or
am I overlooking something?
Would anybody here be able give me a definite answer to this question?
Thanks a lot for your help!
-Michael
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Executing code if debuggee is a crash dump?
2021-08-24 10:07 Executing code if debuggee is a crash dump? Michael Woerister
@ 2021-08-24 13:50 ` Simon Marchi
2021-08-25 8:56 ` Michael Woerister
2021-08-24 16:09 ` Christian Biesinger
1 sibling, 1 reply; 5+ messages in thread
From: Simon Marchi @ 2021-08-24 13:50 UTC (permalink / raw)
To: Michael Woerister, gdb
On 2021-08-24 6:07 a.m., Michael Woerister via Gdb wrote:> Hi everyone,
>
> I'm looking into implementing debugger extensions that help with debugging crash dumps of "async" Rust executables. Such an extension would need to inspect the complex internals of several async runtime implementations. We could potentially make the extension more robust and easier to maintain if we provided a standardized inspection API in the various runtimes and have the debugger interact with that. The functions behind this API would be restricted to not interact with the environment (e.g. not allocate memory, etc).
>
> However, my research so far indicates that neither GDB nor any other debugger is capable of executing code in a crash dump. Is that true or am I overlooking something?
> Would anybody here be able give me a definite answer to this question?
>
> Thanks a lot for your help!
>
> -Michael
>
Hi Michael,
Indeed, when inspecting a crash dump in GDB, there's no live process,
so you can't do function calls in it. That's one of the downsides of
relying on function calls to build pretty printers and other tools that
extract data from debugged programs.
I've sometimes heard the idea of creating a live process from a crash
dump state, but I have never seen it implemented. In theory, if that
existed, that would allow you to do function calls. But there is some
state that can't really be restored, like file descriptors, so that
limits what you can do. Another downside of that is that you wouldn't
be able to inspect a core dump on a different architecture than what the
core dump was created on (something that is useful for embedded
devices).
So people often end up using some GDB / Python code that has the
knowledge of the program's internal data structures. For example, the
Linux kernel:
https://github.com/torvalds/linux/blob/master/scripts/gdb/vmlinux-gdb.py
Simon
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Executing code if debuggee is a crash dump?
2021-08-24 10:07 Executing code if debuggee is a crash dump? Michael Woerister
2021-08-24 13:50 ` Simon Marchi
@ 2021-08-24 16:09 ` Christian Biesinger
2021-08-25 9:02 ` Michael Woerister
1 sibling, 1 reply; 5+ messages in thread
From: Christian Biesinger @ 2021-08-24 16:09 UTC (permalink / raw)
To: Michael Woerister; +Cc: Reuben Thomas via Gdb
On Tue, Aug 24, 2021 at 6:08 AM Michael Woerister via Gdb
<gdb@sourceware.org> wrote:
> I'm looking into implementing debugger extensions that help with
> debugging crash dumps of "async" Rust executables. Such an extension
> would need to inspect the complex internals of several async runtime
> implementations. We could potentially make the extension more robust and
> easier to maintain if we provided a standardized inspection API in the
> various runtimes and have the debugger interact with that. The functions
> behind this API would be restricted to not interact with the environment
> (e.g. not allocate memory, etc).
>
> However, my research so far indicates that neither GDB nor any other
> debugger is capable of executing code in a crash dump. Is that true or
> am I overlooking something?
> Would anybody here be able give me a definite answer to this question?
If you can reproduce the bug, you could run under
https://rr-project.org/, which would allow you to call functions.
Christian
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Executing code if debuggee is a crash dump?
2021-08-24 13:50 ` Simon Marchi
@ 2021-08-25 8:56 ` Michael Woerister
0 siblings, 0 replies; 5+ messages in thread
From: Michael Woerister @ 2021-08-25 8:56 UTC (permalink / raw)
To: Simon Marchi; +Cc: gdb
Thank you for the quick response, Simon! That confirms my assumptions.
Being able to inspect crash dumps from a different target architecture
is one of our requirements too.
> So people often end up using some GDB / Python code that has the
> knowledge of the program's internal data structures.
Yes, that is the route that we will have to go then.
-Michael
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Executing code if debuggee is a crash dump?
2021-08-24 16:09 ` Christian Biesinger
@ 2021-08-25 9:02 ` Michael Woerister
0 siblings, 0 replies; 5+ messages in thread
From: Michael Woerister @ 2021-08-25 9:02 UTC (permalink / raw)
To: Christian Biesinger; +Cc: Reuben Thomas via Gdb
> If you can reproduce the bug, you could run under
> https://rr-project.org/, which would allow you to call functions.
Thank you for the suggestion, Christian!
Unfortunately, we cannot assume that a given bug can be reproduced
locally or that rr would be available in the production environment.
-Michael
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-08-25 9:02 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-24 10:07 Executing code if debuggee is a crash dump? Michael Woerister
2021-08-24 13:50 ` Simon Marchi
2021-08-25 8:56 ` Michael Woerister
2021-08-24 16:09 ` Christian Biesinger
2021-08-25 9:02 ` Michael Woerister
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).