I wrote the following C programm
#include<stdio.h>
#include<stdlib.h>
#include<unistd.h>
void main(){
char *variable = "CodeName0...";
while (1){
printf("%s\n%d\n","hello from gencore code source",getpid());
sleep(2);
}
exit(0);
}
after running it I sent a SIGABRT signal using the following command
kill -6 <process Id from code execution>
this generated a core dump file under the name core inside the same directory
I want to read the content of cpu registers ( IP ... ) but I didn't manage to do it
I'm runnig parrot OS, this is the output of uname -a
Linux Parrot 5.16.0-12parrot1-amd64 #1 SMP PREEMPT Debian 5.16.12-2parrot1 (2022-03-11) x86_64 GNU/Linux
I tried using gdb but I'm getting this error
"0x7fffd7f6de10s": not in executable format: file format not recognized
I would like to know why this is the case ( file format not recognized )
CodePudding user response:
Not really sure how to explain it any further:
$ gdb <binary> <core>
i all-registers
where <binary> is your binary, ideally compiled with -g3, and <core> is your core file that was dumped. You may need to navigate to different frame (bt and f <number> where <number> is the frame number). all-registers is a little verbose but here is i register output:
rax 0xfffffffffffffdfc -516
rbx 0xffffffffffffff80 -128
rcx 0x7fa81f0c650a 140360052139274
rdx 0x7ffc19fe2020 140720744570912
rsi 0x0 0
rdi 0x0 0
rbp 0x0 0x0
rsp 0x7ffc19fe1fe0 0x7ffc19fe1fe0
r8 0x0 0
r9 0x27 39
r10 0x7ffc19fe2020 140720744570912
r11 0x246 582
r12 0x562d5cc38070 94752829833328
r13 0x0 0
r14 0x0 0
r15 0x0 0
rip 0x7fa81f0c650a 0x7fa81f0c650a <__GI___clock_nanosleep 42>
eflags 0x246 [ PF ZF IF ]
cs 0x33 51
ss 0x2b 43
ds 0x0 0
es 0x0 0
fs 0x0 0
gs 0x0 0