User Process crash dump file creation.

Most of the time, it has been observed that the user process stops unexpectedly. It is difficult to conclude the root cause  by analyzing application log. In that case, there may be a chance that process gets crashed due to invalid read/write access violation. It is also known as segmentation fault.

Some time, it is difficult to understand why segmentation fault occur. To do analysis, you may need to debug dump(core) file. By default system will not create dump(core) file whenever the crash occur. User has to configure system so that whenever a user process crashed, OS will create dump file. Here is the steps to configure system to get dump(core) file whenever user process crash.

LINUX

In the Linux system, user has give below command in root privilege.

$ ulimit -c unlimited.

By default, core file name will be core for each process. To give proper name to core file with process name, PID etc., User has to modify “/proc/sys/kernel/core_pattern” . For information, refer “man core” page.

WINDOWS

To Enable the dump file creation whenever user process crash user has to create below registry using administrator privileges.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps 

User has to follow below steps to create above entry in registry.

  • Create a file with name as “dump.reg”.
  • Open “dump.reg” with notepad.
  • Add below content and save it.

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps]
“DumpFolder”=hex(2):44,00,3a,00,5c,00,64,00,75,00,6d,00,70,00,00,00
“DumpCount”=dword:00000010
“DumpType”=dword:00000002
“CustomDumpFlags”=dword:00000000

  • Execute “dump.reg”. It will create a registry as “LocalDumps”. which can be confirmed by “regedit.exe” command.
  • Create a folder in C:\CrashDumps.

After above configure, if any user process crash, the dump file will be created in “C:\CrashDumps” location so that user can do analysis to find cause of crash.

Segmentation fault In Linux

A segmentation fault is a particular error condition that can be occur during the operation of computer software.A segmentation fault occurs when a program attempts to access a memory location that is not allowed to access, or attempts to access a memory that is not allowed.For example attempting to write a read only location or to overwrite to the memory where a part of operating system is there.

On Unix/Linux-like operating systems, a process that accesses invalid memory receives the SIGSEGV signal. Segmentation faults are commonly referred to as segfaults. Here is some example that create segmentation faults.

int main()

{

char *str = “india”;

*str = ‘H’;

return 0;

}

When the program containing this code is compiled, the string “india” is placed in the section of program marked as read only. when loaded the OS places it with other string and constant data in a read only segment of memory. when executed ,the variable str is pointed to that string location and attempts to write ‘H’ into the memory which cause segfaluts.

Some of the common mistake which leads segfault are given below

  • Dereferencing NULL
  • Dereferencing an uninitialized pointer
  • Dereferencing a pointer that has been freed or deleted in c++ or that has gone out of scope
  • Writing off end of the array

Posted in Linux. 1 Comment »