For analysis purpose we want to know the which data(message) is stored in the address. Is there any option to find the message in GDB.
In the other words we know the address (0x80488b4) of memory but we want also know the message stored in that address through GDB.
Sample code :
(gdb) print option_value
$1 = (const void *) 0x80488b4
If you know the type typemsg_tof the message, you could dereference it, e.g. print *(typemsg_t*) option_value
You might also be interested by the GDB watchpoint ability.
It is worth taking some time to read GDB documentation !
What is "the message"? You can of course examine the contents of memory at that address, using gdb's x (for examine) command:
(gdb) x option_value
If you know that option_value, despite looking like a const void * in the current scope, is really of some other type, you can cast and dereference:
(gdb) print *(MessageType *) option_value
Related
I used kgdb to debug linux kernel and print *page.
The result shows some addresses started with '0xdead'
Like, {lru = {next = 0xdead000000000100, prev = 0xdead000000000122},
0xdead pages
What those pages mean? a NULL page? or something meaningful?
Thank you.
These pointers are poison constants. They are set to next and previous when a list entry is removed from the list. See list_del().
Sometimes there is some small stack corruption that causes gdb to fail doing a "backtrace", I have created the below gdb macro (x86-64, can be easily made to work for x86) that depends on turning off omit-frame-pointer (i.e. -fno-omit-frame-pointer) and shows me the functions in the backtrace. However, I'd like it to also show parameter values and ideally be able to select one of these frames. (i.e. something such as "frame 0x0123456789ABCDEF").
define et
set $frameptr = $rbp
while $frameptr != 0
set $oldbp = *((void**)($frameptr+8))
print $frameptr
print $oldbp
info symbol $oldbp
set $frameptr = *((void**)($frameptr))
end
end
I would like to write a simple kernel function that iterates over all the vm_area_structs that belong to a specific process and mark each one of them as belonging to the heap or not. Assume that I can add a boolean field in the vm_area_struct that will be set for heap pages and reset for other pages.
I have looked into the mm_struct, vm_area_struct, and task_struct... but found nothing that can help.
Update: I am guessing start_brk and brk have something to do with this?
(Am inserting my last comment as an answer, as the formatting within "Comment" is not that great):
Wrt my prev comment: the relevant code (to look up VMAs of a given PID) seems to be here: fs/proc/task_mmu.c .
And, yes indeed, the "[heap]" is marked by this code snippet from the above src file (kernel ver 3.10.24):
*fs/proc/task_mmu.c:show_map_vma()*
...
if (vma->vm_start <= mm->brk &&
vma->vm_end >= mm->start_brk) {
name = "[heap]";
goto done; }
...
why when i debug asm source in gdb is 0x8048080 the address chosen for the starting entry point into code? this is just a relative offset, not an actual offset of into memory of an instruction, correct?
There is no special significance to address 0x8048080, but there is one for address 0x08048000.
The latter address is the default address, on which ld starts the first PT_LOAD segment on Linux/x86. On Linux/x86_64, the default is 0x400000, and you can change the default by using a "custom" linker script. You can also change where .text section starts with -Wl,-Ttext,0xNNNNNNNN flag.
After ld starts at 0x08048000, it adds space for program headers, and proceeds to link the rest of the executable according to its built-in linker script, which you can see if you pass in -Wl,--verbose to your link line.
For your program, the size of program headers appears to always be 0x80, so your .text section always starts at 0x8048080, but that is by no means universal.
When I link a trivial int main() { return 0; } program, I get &_start == &.text at 0x8048300, 0x8048178 or 0x8048360, depending on which compiler I use.
0×8048080 is the default entry point in virtual memory used by the Linux ld linker. You can change it to whatever you want.
for more details check out: http://eli.thegreenplace.net/2011/01/27/how-debuggers-work-part-2-breakpoints/
I make several calls to a function that reads data from an input file. Everything works fine in debug mode, but when I try to run the executable from release mode, the line with fopen crashes the program after a few calls. My code is:
From header file:
#define presstankdatabase "presst_database.txt"
In function:
FILE *fidread;
fidread = fopen(presstankdatabase,"r");
if (fidread==NULL) {
printf("Failed to open pressurant tank database: %s\n",presstankdatabase);
return 1;
}
In debugging, I've inserted comment lines just before and just after the line starting with fidread =, and after several calls the program crashes and I get the message "A problem caused the program to stop working correctly. Please close the program." The comment just before the fopen call is displayed, but the comment just after does not. My understanding of fopen is that is should return either a pointer or NULL, but it crashes before it even gets to the check. The only thing I can think of is that somehow I'm having memory problems, but I don't know how that would fit in with fopen crashing. Does anyone know what might be going on? Thanks!
EDIT 1: I increased the size of three variables, and the only places they're used (except in printf() calls), are as shown below.
char *constid = (char*)malloc(sizeof(char)*20);
Used like so:
strcpy(constid,"Propellant");
strcpy(constid,"Propellant tank");
strcpy(constid,"Pressurant tank");
If the variables are sized to 20, as shown above, it crashes. But if they're larger (I've tried 120 and 100), the program runs. The variables aren't used in any other places other than fprintf() or printf() calls.
presstankdatabase should be a pointer to a string containing the filename to open. If fopen() crashes then that pointer is probably invalid (or NULL). Without any more code it is not possible to debug it further. Use the VC debugger to see what's happening...
EDIT:
Another common cause of this is a filename string that suddenly stops being NULL-terminated.
You should add a printf() call to print the filename before opening. It will most probably fail to produce the expected output. If not, then you have a more interesting form of memory corruption that will take some more work to weed out.
EDIT 2:
If the printf() call shows the correct string, then you probably have memory corruption somewhere else in your code that has mangled some internal structure of the C library. A common cause is going beyond the end (or the beginning for that matter) of a static array or a region provided by malloc().