- gv is used to handle vmcore which is generated when linux crashed, accordingly you can debug vmcore with gdb
- usage:
- gcc gv.c -o gv && gv your_vmcore. And gv will print the kernel image offset if ASLR enabled.
- gdb empty_elf your_vmcore. After enter gdb, and then run source kernel image -o $offset which was printed by gv.
- gv will modify your vmcore, so you may need to back up your vmcore(cp vmcore vmcorebak)
![b18df1b784f6fd358864ed896e12971](https://private-user-images.githubusercontent.com/51011799/248263614-4ad57c39-c623-4afd-bea6-61836bde1968.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MzcwNDQ0NTYsIm5iZiI6MTczNzA0NDE1NiwicGF0aCI6Ii81MTAxMTc5OS8yNDgyNjM2MTQtNGFkNTdjMzktYzYyMy00YWZkLWJlYTYtNjE4MzZiZGUxOTY4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTAxMTYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUwMTE2VDE2MTU1NlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTExZTkyZTkzNThiZWE5YmUxZDZkMGYzMzk0ZDkxYjQ0N2E2OGFmZjYxZDU4YjIyMmI2YjJhMDdkYzYxZjMwMTkmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.twk4cudvWzdsB5bD6FEjxhe5ZahJfW6PWLSGJbKfez8)