- gv is used to handle vmcore which is generated when linux crashed, accordingly you can debug vmcore with gdb
- usage:
- gcc gv.c -o gv && gv your_vmcore. And gv will print the kernel image offset if ASLR enabled.
- gdb empty_elf your_vmcore. After enter gdb, and then run source kernel image -o $offset which was printed by gv.
- gv will modify your vmcore, so you may need to back up your vmcore(cp vmcore vmcorebak)
![b18df1b784f6fd358864ed896e12971](https://private-user-images.githubusercontent.com/51011799/248263614-4ad57c39-c623-4afd-bea6-61836bde1968.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MzUxMjYxODUsIm5iZiI6MTczNTEyNTg4NSwicGF0aCI6Ii81MTAxMTc5OS8yNDgyNjM2MTQtNGFkNTdjMzktYzYyMy00YWZkLWJlYTYtNjE4MzZiZGUxOTY4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDEyMjUlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQxMjI1VDExMjQ0NVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWE3ZWUzYzA0NWNhNWU0NTlmNTc5MzhiN2M0ZGRiNzc3MzgxMzMyMmM4MzIyOTcyY2VmNzM2YmU1OGU4OWZiZjYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.msdq_nyrnYcSQJGQeomRtJvoDVe10HgIEw_DfvEDf-4)