Core Dumps in Linux
Core dumps are created in Linux when a process receives certain signals, like SIGSEGV, due to memory access issues.
Thread Dump and Heap Dump Analysis
A thread dump captures the stack of all live threads, helpful in analyzing application behavior.
A heap dump is a snapshot of all objects in memory, useful for memory leak detection in Java applications.
Debugging Core Dumps
To debug a core dump in Linux:
- Assume the binary is compiled with debug symbols.
- Set up the correct core pattern and resource limits.
- Run the program and use gdb to analyze the core dump.
- Investigate the issue by examining the backtrace.
Reading Core Dump on Windows
To read a core dump file on Windows:
- Open the dump file in Debugging Tools for Windows.
- Use appropriate commands in the command prompt to load the dump file into a debugger.
Using Gcore
To generate pstack and gcore using Gcore:
- Identify the process ID of the suspect process using
ps -eaf | grep -i suspect_process. - Generate the gcore using the process ID:
gcore. - Create a pstack based on the generated gcore file.