How does GDB find a function's symbols when backtracing on MIPS Linux?

Time: 2022-01-08 16:38:49

I'm trying to implement a function to backtrace a crashed user-space process in the kernel. Since I'm working in the kernel, I don't have the luxury of any libraries, and the provided backtrace function doesn't support the MIPS architecture. I'm just wondering if I can emulate what GDB does. The version of the kernel is 2.6.21.

2 solutions

#1


I think you can reference the oprofile's implementation.

Oprofile uses the frame pointer to get the backtrace information, so it requires the user-space applications and their related libraries to all be built with frame pointers enabled (the "-fno-omit-frame-pointer" option).

Another way is that, if the user applications contain debug information, you may need to check the user application's DWARF information. The DWARF call frame information provides the debugger with enough information about how a function was called, so that it can locate each of the arguments to the function, locate the current call frame, and locate the call frame for the calling information.

If you want to simply crawl the backtrace information without "frame-pointer" support or any debug information, then you have to check the user application's MIPS instructions and loop through the child's context (SP, IP, RP) to get the parent context (SP, IP, RP) according to the MIPS ABI specification. This is a little complicated and time-consuming, since you have to disassemble many instructions in memory, but it doesn't work badly. For example, for many routines there is an "add sp, sp, -32"-like instruction at the beginning, and you will know that the parent's sp is the current sp plus 32.

The second and third ways you have to implement yourself, since you work in the kernel.
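
The prologue-scanning approach from answer #1, as an added example that is not part of the original post and is not oprofile's or GDB's code. It assumes 32-bit o32 MIPS encodings; `read32`, `unwind_one`, the addresses and the sample instruction words are constructed for illustration, and in a kernel `read32` would be a checked user-memory read.

```c
#include <stdint.h>
#include <stdio.h>
#define ADDIU_SP 0x27BD0000u /* addiu sp,sp,imm16 */
#define SW_RA_SP 0xAFBF0000u /* sw ra,imm16(sp) */
#define JR_RA    0x03E00008u /* jr ra: tail of the previous function */
#define TEXT     0x00400000u /* constructed load addresses */
#define STACK    0x7fff0000u
struct frame { uint32_t pc, sp, ra; };
/* Constructed sample image, not taken from a real binary. */
static const uint32_t text[] = {
    0x03E00008u, /* jr ra            tail of previous function   */
    0x27BD0020u, /* addiu sp,sp,32   its delay slot (epilogue)   */
    0x27BDFFE0u, /* addiu sp,sp,-32  prologue of crashed routine */
    0xAFBF001Cu, /* sw ra,28(sp)                                 */
    0x00000000u, /* nop              <- crash pc = TEXT + 16     */
};
static const uint32_t stack[8] = { [7] = 0x00400abcu }; /* saved ra at sp+28 */

/* Hypothetical accessor; in a kernel this would be a checked user-memory read. */
static int read32(uint32_t addr, uint32_t *out)
{
    if (addr & 3) return -1;
    if (addr >= TEXT && addr - TEXT < sizeof text) { *out = text[(addr - TEXT) / 4]; return 0; }
    if (addr >= STACK && addr - STACK < sizeof stack) { *out = stack[(addr - STACK) / 4]; return 0; }
    return -1; /* unmapped: stop unwinding rather than fault */
}

/* Recover the caller's pc and sp from the callee's prologue; 0 on success. */
int unwind_one(const struct frame *cur, struct frame *parent)
{
    uint32_t insn, size = 0, saved_ra = cur->ra; /* default: ra still in register */
    /* Only instructions before pc have executed: scan back from pc - 4, bounded. */
    for (uint32_t a = cur->pc - 4, n = 0; n < 1024; a -= 4, n++) {
        if (read32(a, &insn) || insn == JR_RA) break; /* left the function */
        if ((insn & 0xFFFF0000u) == SW_RA_SP && read32(cur->sp + (insn & 0xFFFFu), &saved_ra)) return -1;
        if ((insn & 0xFFFF8000u) != (ADDIU_SP | 0x8000u)) continue;
        size = 0x10000u - (insn & 0xFFFFu); /* negative imm16 = frame allocation */
        break;
    }
    if (!saved_ra) return -1;
    parent->pc = saved_ra; parent->sp = cur->sp + size; parent->ra = 0;
    return 0;
}

int main(void)
{
    struct frame cur = { TEXT + 16, STACK, 0 }, up;
    if (!unwind_one(&cur, &up)) printf("caller pc=0x%08x sp=0x%08x\n", (unsigned)up.pc, (unsigned)up.sp);
    return 0;
}
```

Starting the scan at pc - 4 is what keeps a crash inside the prologue correct: a frame that is not yet allocated contributes size 0, and a return address not yet stored is taken from the `ra` register.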

#2


The core file is in ELF format. This is a standard, which is available on many web sites, just one Google search away.

HOWEVER, this file format is non-trivial. Lots of quirks and bits. Any reasonable person should use a 3rd-party library. If you really want to do that, start with libelf and readelf, and wish yourself good luck.
