Re: reconstructing process memory map from core

Mirror of the gdb mailing list
 help / color / mirror / Atom feed

From: ineya ineya <ineyaa@gmail.com>
To: ineya ineya <ineyaa@gmail.com>, gdb@sourceware.org
Subject: Re: reconstructing process memory map from core
Date: Wed, 10 Feb 2010 07:06:00 -0000	[thread overview]
Message-ID: <7b8592a1002092306ta508f3cn419a1e446b6d6ac3@mail.gmail.com> (raw)
In-Reply-To: <20100209220815.GA14898@caradoc.them.org>

>> I thought all that is needed is to have:
>> - list of external function - in .dynsym I guess
>> - .got from runtime
>
> Neither of these are useful for determining shared library load
> addresses.  .dynsym is not useful at all; it is read-only so we can
> recover it from the executable.

Well, in .got I can see where the function was at runtime, from
read-only sections I can find out which libraries are needed. So I
would only need to find the library which defines this function. Then
get its relative address, compute the relative position from start of
this shared library - by subtracting "Entry point address" of this
shared library. And finally subtract the result from value in .got,
and the result should be start of shared library in memory. Or not?

In .got of binaryA I have:
0x2ac0fd88 - for function TraceLog::logExc

from libraryA I know:
Entry point address:               0x2a20
.symtab
214: 00004d88     0 FUNC    GLOBAL DEFAULT    9 _ZN8TraceLog6logExcEPKcS1
so relative from start: 0x4d88 - 0x2a20 = 0x2368

subtract this from what .got
0x2ac0fd88 - 0x2368 = 0x2ac0da20

Looking at "info shared" to see where GDB loaded the binary shows:
0x2ac0da20  0x2ac12480  Yes         libraryA

So I assume, there is a catch somewhere, where this approach would
fail, I just can't see it yet.

next prev parent reply	other threads:[~2010-02-10  7:06 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-02-09 22:00 ineya ineya
2010-02-09 22:08 ` Daniel Jacobowitz
2010-02-10  7:06   ` ineya ineya [this message]
2010-02-10  2:41 ` Hui Zhu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=7b8592a1002092306ta508f3cn419a1e446b6d6ac3@mail.gmail.com \
    --to=ineyaa@gmail.com \
    --cc=gdb@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox