Linux kernel: I added a symbol file to GDB. Why is the address different?


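I added a symbol file to GDB to debug a kernel module. However, the address GDB outputs is different from the one I registered.

Why is the address of the cardev_write() function 0x13d? I want the address of the cardev_write() function to be 0xFFFFFFFFC0904119

Module memory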

@ubuntu:~$ sudo cat /proc/kallsyms |grep chardev
ffffffffc0904000 t chardev_release  [chardev]
ffffffffc090403a t copy_overflow.constprop.0    [chardev]
ffffffffc0904056 t chardev_read [chardev]
ffffffffc0904119 t chardev_write    [chardev]
ffffffffc090420c t chardev_init [chardev]
ffffffffc09065a0 b chardev_cdev [chardev]
ffffffffc0906608 b chardev_major    [chardev]
ffffffffc0906580 b __key.28485  [chardev]
ffffffffc0906580 b chardev_class    [chardev]
ffffffffc0904390 t chardev_exit [chardev]
ffffffffc09051d5 r .LC2 [chardev]
ffffffffc0906140 d __this_module    [chardev]
ffffffffc0906000 d chardev_fops [chardev]
ffffffffc0904390 t cleanup_module   [chardev]
ffffffffc090420c t init_module  [chardev]
ffffffffc0906480 b G_Data   [chardev]
ffffffffc04b5120 d kvm_chardev_ops  [kvm]
@ubuntu:~$
System information

$ uname -a
Linux ubuntu 4.18.0-13-generic #14-Ubuntu SMP Wed Dec 5 09:04:24 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
GDB setup

$ gdb /usr/lib/debug/boot/vmlinux-4.18.0-13-generic
GNU gdb (Ubuntu 8.2-0ubuntu1) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib/debug/boot/vmlinux-4.18.0-13-generic...done.
(gdb) add-symbol-file Kernel/Module/SS/chardev.ko 0xffffffffc0904000
add symbol table from file "Kernel/Module/SS/chardev.ko" at
    .text_addr = 0xffffffffc0904000
(y or n) y
Reading symbols from Kernel/Module/SS/chardev.ko...(no debugging symbols found)...done.
(gdb) b chardev_write
Breakpoint 1 at 0x13d
(gdb)
+ Additional information

Section headers

@ubuntu:~/Kernel/Module/SS$ readelf -WS chardev.ko | grep '\.text$'
@ubuntu:~/Kernel/Module/SS$ readelf -WS chardev.ko | grep '.text'
  [ 2] .text             PROGBITS        0000000000000000 000064 000000 00  AX  0   0  1
  [ 3] .text.unlikely    PROGBITS        0000000000000000 000064 0003bb 00  AX  0   0  1
  [ 4] .rela.text.unlikely RELA            0000000000000000 001278 0006a8 18   I 17   3  8
@ubuntu:~/Kernel/Module/SS$
Symbol information

@ubuntu:~/Kernel/Module/SS$ nm chardev.ko | grep ' chardev_release$'
000000000000006d t chardev_release
@ubuntu:~/Kernel/Module/SS$
/proc/kallsyms

@ubuntu:~/Kernel/Module/SS$ sudo cat /proc/kallsyms |grep chardev
ffffffffc0587000 t device_lseek [chardev]
ffffffffc058706d t chardev_release  [chardev]
ffffffffc05870a7 t chardev_write    [chardev]
ffffffffc0587136 t chardev_read [chardev]
ffffffffc05871f0 t chardev_init [chardev]
ffffffffc0589460 b chardev_cdev [chardev]
ffffffffc05894c8 b chardev_major    [chardev]
ffffffffc0589440 b __key.28489  [chardev]
ffffffffc0589440 b chardev_class    [chardev]
ffffffffc0587348 t chardev_exit [chardev]
ffffffffc0589100 d __this_module    [chardev]
ffffffffc0589000 d chardev_fops [chardev]
ffffffffc0587348 t cleanup_module   [chardev]
ffffffffc05871f0 t init_module  [chardev]
@ubuntu:~/Kernel/Module/SS$
Debugging

(gdb) add-symbol-file Kernel/Module/SS/chardev.ko 0xffffffffc0904000

This is very likely adding the module at the wrong address.

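To find out the correct address, you need two numbers:

  • The address of the beginning of the .text section in chardev.ko (use readelf -WS chardev.ko | grep '\.text$' to find it)
  • The relocation that the kernel applied when it loaded chardev.ko. The easiest way to find this relocation is to compute the delta between &chardev_release in the kernel -- 0xffffffffc0904000 -- and the address of the symbol in chardev.ko (use nm chardev.ko | grep ' chardev_release$' to get it)

Add these two numbers together, and that should be the address you want to give to add-symbol-file.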
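
The arithmetic from the answer above, carried through on the outputs posted in the question, as an added example (not code from the original posts). It goes one step beyond the answer by also emitting a -s entry for .text.unlikely, because the posted readelf output shows .text with size 0; the function names, and the assumption that the reference symbol sits in that non-empty executable section, are this example's own.

```python
import re

# Constructed sample input: lines copied from the outputs posted in the question.
KALLSYMS = """\
ffffffffc0587000 t device_lseek [chardev]
ffffffffc058706d t chardev_release  [chardev]
ffffffffc05870a7 t chardev_write    [chardev]
"""
NM = "000000000000006d t chardev_release\n"
READELF = """\
  [ 2] .text             PROGBITS        0000000000000000 000064 000000 00  AX  0   0  1
  [ 3] .text.unlikely    PROGBITS        0000000000000000 000064 0003bb 00  AX  0   0  1
  [ 4] .rela.text.unlikely RELA            0000000000000000 001278 0006a8 18   I 17   3  8
"""

def symbols(text, module=None):
    """Map symbol name -> address from nm or /proc/kallsyms style lines."""
    out = {}
    for line in text.splitlines():
        m = re.match(r"([0-9a-f]+)\s+\S\s+(\S+)(?:\s+\[(\w+)\])?", line.strip())
        if m and (module is None or m.group(3) == module):
            out[m.group(2)] = int(m.group(1), 16)
    return out

def exec_sections(readelf_ws):
    """Return [(name, sh_addr, size)] for PROGBITS sections flagged executable (X)."""
    pat = re.compile(r"\]\s+(\S+)\s+PROGBITS\s+([0-9a-f]+)\s+[0-9a-f]+\s+([0-9a-f]+)\s+\S+\s+(\w+)")
    return [(m[1], int(m[2], 16), int(m[3], 16))
            for m in map(pat.search, readelf_ws.splitlines()) if m and "X" in m[4]]

def load_command(ko, module, ref_symbol, kallsyms, nm, readelf_ws):
    """Build the add-symbol-file command from the two numbers in the answer."""
    delta = symbols(kallsyms, module)[ref_symbol] - symbols(nm)[ref_symbol]
    secs = exec_sections(readelf_ws)
    text_start = next(addr for name, addr, _ in secs if name == ".text")
    cmd = f"add-symbol-file {ko} {text_start + delta:#x}"
    # Beyond the answer: sections that actually hold code get their own -s entry.
    # Assumption: the reference symbol lives in the only non-empty executable section.
    for name, addr, size in secs:
        if name != ".text" and size:
            cmd += f" -s {name} {addr + delta:#x}"
    return cmd

if __name__ == "__main__":
    print(load_command("Kernel/Module/SS/chardev.ko", "chardev", "chardev_release",
                       KALLSYMS, NM, READELF))
```

On a live system the per-section load addresses can also be read as root from /sys/module/chardev/sections/ and compared against the computed values.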

Thank you for your answer. I did as you said, but I could not solve the problem. I have written additional information.
(gdb) add-symbol-file Kernel/Module/SS/chardev.ko 0xffffffffc058706d
add symbol table from file "Kernel/Module/SS/chardev.ko" at
    .text_addr = 0xffffffffc058706d
(y or n) y
Reading symbols from Kernel/Module/SS/chardev.ko...(no debugging symbols found)...done.
(gdb) p chardev_write 
Cannot access memory at address 0x8d
(gdb)