* reconstructing process memory map from core
@ 2010-02-09 22:00 ineya ineya
2010-02-09 22:08 ` Daniel Jacobowitz
2010-02-10 2:41 ` Hui Zhu
0 siblings, 2 replies; 4+ messages in thread
From: ineya ineya @ 2010-02-09 22:00 UTC (permalink / raw)
To: gdb
How is symbol loading handled when shared libraries come to play?
This is my story:
I have a mips embedded device, which has little memory. So I decided
to dump the heap as the last thing, so in case there is little space
left on device, I would get at least stack, .got, etc. from binary and
shared libraries, and heap would be incomplete. I thought, that having
stack, .got, .dynsym, etc. would be enough for gdb to load symbols
from all binaries and shared libraries, and I could at least resolve
symbols from registers or stack.
But it doesn't work, gdb is trying to read something from heap, and if
this fails, no symbols are loaded. So I was wondering why gdb needs to
access heap? Or more generally how are symbols loaded / how is the
process memory map reconstructed from core file?
I thought all that is needed is to have:
- list of external function - in .dynsym I guess
- .got from runtime
and the address where shared library was in memory is computed by data
present in .got and relative position of function in .so.
Thank you for any hints.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: reconstructing process memory map from core
2010-02-09 22:00 reconstructing process memory map from core ineya ineya
@ 2010-02-09 22:08 ` Daniel Jacobowitz
2010-02-10 7:06 ` ineya ineya
2010-02-10 2:41 ` Hui Zhu
1 sibling, 1 reply; 4+ messages in thread
From: Daniel Jacobowitz @ 2010-02-09 22:08 UTC (permalink / raw)
To: ineya ineya; +Cc: gdb
On Tue, Feb 09, 2010 at 11:00:34PM +0100, ineya ineya wrote:
> But it doesn't work, gdb is trying to read something from heap, and if
> this fails, no symbols are loaded. So I was wondering why gdb needs to
> access heap? Or more generally how are symbols loaded / how is the
> process memory map reconstructed from core file?
The dynamic linker maintains a linked list of loaded shared
libraries, in the heap.
> I thought all that is needed is to have:
> - list of external function - in .dynsym I guess
> - .got from runtime
Neither of these are useful for determining shared library load
addresses. .dynsym is not useful at all; it is read-only so we can
recover it from the executable.
--
Daniel Jacobowitz
CodeSourcery
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: reconstructing process memory map from core
2010-02-09 22:00 reconstructing process memory map from core ineya ineya
2010-02-09 22:08 ` Daniel Jacobowitz
@ 2010-02-10 2:41 ` Hui Zhu
1 sibling, 0 replies; 4+ messages in thread
From: Hui Zhu @ 2010-02-10 2:41 UTC (permalink / raw)
To: ineya ineya; +Cc: gdb
Try ".dynamic" for linux.
Hui
On Wed, Feb 10, 2010 at 06:00, ineya ineya <ineyaa@gmail.com> wrote:
> How is symbol loading handled when shared libraries come to play?
>
> This is my story:
> I have a mips embedded device, which has little memory. So I decided
> to dump the heap as the last thing, so in case there is little space
> left on device, I would get at least stack, .got, etc. from binary and
> shared libraries, and heap would be incomplete. I thought, that having
> stack, .got, .dynsym, etc. would be enough for gdb to load symbols
> from all binaries and shared libraries, and I could at least resolve
> symbols from registers or stack.
>
> But it doesn't work, gdb is trying to read something from heap, and if
> this fails, no symbols are loaded. So I was wondering why gdb needs to
> access heap? Or more generally how are symbols loaded / how is the
> process memory map reconstructed from core file?
>
> I thought all that is needed is to have:
> - list of external function - in .dynsym I guess
> - .got from runtime
> and the address where shared library was in memory is computed by data
> present in .got and relative position of function in .so.
>
> Thank you for any hints.
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: reconstructing process memory map from core
2010-02-09 22:08 ` Daniel Jacobowitz
@ 2010-02-10 7:06 ` ineya ineya
0 siblings, 0 replies; 4+ messages in thread
From: ineya ineya @ 2010-02-10 7:06 UTC (permalink / raw)
To: ineya ineya, gdb
>> I thought all that is needed is to have:
>> - list of external function - in .dynsym I guess
>> - .got from runtime
>
> Neither of these are useful for determining shared library load
> addresses. .dynsym is not useful at all; it is read-only so we can
> recover it from the executable.
Well, in .got I can see where the function was at runtime, from
read-only sections I can find out which libraries are needed. So I
would only need to find the library which defines this function. Then
get its relative address, compute the relative position from start of
this shared library - by subtracting "Entry point address" of this
shared library. And finally subtract the result from value in .got,
and the result should be start of shared library in memory. Or not?
In .got of binaryA I have:
0x2ac0fd88 - for function TraceLog::logExc
from libraryA I know:
Entry point address: 0x2a20
.symtab
214: 00004d88 0 FUNC GLOBAL DEFAULT 9 _ZN8TraceLog6logExcEPKcS1
so relative from start: 0x4d88 - 0x2a20 = 0x2368
subtract this from what .got
0x2ac0fd88 - 0x2368 = 0x2ac0da20
Looking at "info shared" to see where GDB loaded the binary shows:
0x2ac0da20 0x2ac12480 Yes libraryA
So I assume, there is a catch somewhere, where this approach would
fail, I just can't see it yet.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2010-02-10 7:06 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-02-09 22:00 reconstructing process memory map from core ineya ineya
2010-02-09 22:08 ` Daniel Jacobowitz
2010-02-10 7:06 ` ineya ineya
2010-02-10 2:41 ` Hui Zhu
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox