CASR: анализ coredump файлов в ОС Linux и составление отчётов об ошибках

Abstract

Despite the fact that software development uses various technologies and approaches to diagnose errors in the early stages of development and testing, some errors are discovered during operation. To the user, errors often look like a program crash while running. To collect reports on program crashes, a special analysis component is built into the operating system. Such a component is present in both Windows OS and Linux-based OS, in particular Ubuntu. An important parameter is the severity of the error found, and this information is useful to both the developer of the distribution kit and the user. In particular, users with such diagnostics can take organizational and technical measures before the release of a bug fix from the software developer. The article introduces CASR: a tool for analyzing a memory image at the time of a process termination (coredump) and reporting errors. The tool allows you to assess the severity of the detected crash by analyzing the memory image, as well as collect the necessary information for the developer to help fix the defect. Such information is: OS distribution version, package version, process memory card, state of registers, values of environment variables, call stack, signal number that led to abnormal termination, etc. Severity assessment enables the software developer to correct errors, which are the most dangerous in the first place. CASR can detect files and network connections that were open at the time of the crash. This information will help reproduce the error, and will help users and administrators take action in the event of an attack on the system. The tool is designed to work on Linux OS and supports x86 / 64, armv7 architectures and can be supplied as a package for Debian-based distributions. The tool has been successfully tested with several open source bugs.