
  • 前言
  • gdb attach
  • 1.0 问题描述
  • 1.1 问题复现
  • 2.0
  • 2.1 静态链接库
  • 2.2 动态链接库
  • 2.3 PIC


#include <iostream>

void a(int w){
        for(int i = 0; i < w; i++){
                std::cout << i << " ";
        std::cout << std::endl;

void b(int w){
        for(int i = 0; i < w; i++){

int main(int argc, char ** argv){
        int w; 
        std::cin >> w;
        return 0;


root@zhr-workstation:~/test/gdb# gdb 
(gdb) attach 30650


(gdb) b gdbtest.cpp:10

1.0 问题描述

今天在给一个可执行c程序的entry point address设置断点的时候,出现了Cannot access memory at address的错误(为了测试为什么gcc -e指定一个函数foo先运行的时候,foo函数用return会出现core dump的错误,这个后面将),在谷歌上搜索了半天终于弄明白咋回事,看看我的操作步骤

1.1 问题复现


#include <stdio.h>
#include <stdlib.h>

foo(void) {
        (void)printf("Who needs 'main'?\n");
        return EXIT_FAILURE;

main(int argc, char **argv) {
        printf("main is at 0x%lX\n", (unsigned long)&main);


root@workstastion:/apue/course/06# gcc -e foo -g entry2.c

我们再看一下这个编译后的可执行文件的entry point address

root@workstastion:/apue/course/06# readelf -h a.out 
ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              DYN (Shared object file)
  Machine:                           Advanced Micro Devices X86-64
  Version:                           0x1
  Entry point address:               0x1169
  Start of program headers:          64 (bytes into file)
  Start of section headers:          15832 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         13
  Size of section headers:           64 (bytes)
  Number of section headers:         36
  Section header string table index: 35

这里非常顺利entry point address是** 0x1169**,我们再打开gdb在这个位置设置断点(常理来说会直接定位到foo这个函数的位置,但是出现了访问内存错误)

root@workstastion:/apue/course/06# gdb ./a.out 
Reading symbols from ./a.out...
(gdb) break *0x1169
Breakpoint 1 at 0x1169: file entry2.c, line 5.
(gdb) run
Starting program: /apue/course/06/a.out 
Cannot insert breakpoint 1.
Cannot access memory at address 0x1169



出现这个问题后翻阅了大量的资料,终于让我找到突破口,这个现象和PIC(Position-independent code) 有关,说到PIC不得不提静态链接库动态链接库,了解这些之前先要了解什么是库



2.1 静态链接库



  1. 静态库对函数库的链接是放在编译时期完成的
  2. 程序在运行时与函数库再无瓜葛,移植方便(相当于静态库中的代码已经复制到最终的程序中)
  3. 浪费空间和资源,因为所有相关的目标文件与牵涉到的函数库被链接合成一个可执行文件




ar -crv libstaticmath.a StaticMath.o

2.2 动态链接库


2.3 PIC

PIC全程叫做Position-independent code,为什么在说PIC之前说那么多其他的知识,因为说到PIC不可避免地提到动态链接库
首先PIC是一段机器代码,PIC可以在不被修改的情况下在任何内存地址中运行,不同于absolute code(指已知的固定内存地址加载的代码,由于该地址是固定的,因此可以编译跳转以直接指向其目标内存地址,而无需在加载时使用相关跳转指令或修复任何内容),
我们开始readelf -h看的entry point address其实是一个相对地址,我们需要加上一个偏移量才能到真正的地址上


root@workstastion:/apue/course/06# gdb ./a.out 
Reading symbols from ./a.out...
(gdb) set stop-on-solib-events 1
(gdb) run
Starting program: /apue/course/06/a.out 
Stopped due to shared library event (no libraries added or removed)
(gdb) info proc ,map 
Too many parameters: ,map
(gdb) info proc map
process 27560
Mapped address spaces:

          Start Addr           End Addr       Size     Offset objfile
      0x555555554000     0x555555555000     0x1000        0x0 /apue/course/06/a.out
      0x555555555000     0x555555556000     0x1000     0x1000 /apue/course/06/a.out
      0x555555556000     0x555555557000     0x1000     0x2000 /apue/course/06/a.out
      0x555555557000     0x555555559000     0x2000     0x2000 /apue/course/06/a.out
      0x7ffff7fc8000     0x7ffff7fcc000     0x4000        0x0 [vvar]
      0x7ffff7fcc000     0x7ffff7fce000     0x2000        0x0 [vdso]
      0x7ffff7fce000     0x7ffff7fcf000     0x1000        0x0 /usr/lib/x86_64-linux-gnu/ld-2.32.so
      0x7ffff7fcf000     0x7ffff7ff3000    0x24000     0x1000 /usr/lib/x86_64-linux-gnu/ld-2.32.so
      0x7ffff7ff3000     0x7ffff7ffc000     0x9000    0x25000 /usr/lib/x86_64-linux-gnu/ld-2.32.so
      0x7ffff7ffc000     0x7ffff7fff000     0x3000    0x2d000 /usr/lib/x86_64-linux-gnu/ld-2.32.so
      0x7ffffffde000     0x7ffffffff000    0x21000        0x0 [stack]
  0xffffffffff600000 0xffffffffff601000     0x1000        0x0 [vsyscall]
  (gdb) break *(0x555555554000 + 0x1169)
Breakpoint 1 at 0x555555555169
(gdb) run
Starting program: /apue/course/06/a.out 

Breakpoint 1, foo () at entry2.c:5
5       foo(void) {
