Address ranges reserved by gdb?












0















I have a program that mmaps memory at higher addresses using MAP_FIXED at TASK_SIZE - PAGE_SIZE.



This program runs fine if I execute it, but if I run it with gdb, it segfaults just after the mmap. Also at this point, the gdb state seems to be completely corrupted and it appears that the execution reaches an address range filled with 0's (could be from the new mappings just created).



Does gdb use this address range in the running process? Have I cleared out some of gdb's state? Is this address range documented somewhere?



Following is my call to mmap and the address calculation - 



#define TASK_SIZE64 (0x800000000000UL - 4096)

#define TASK_SIZE TASK_SIZE64

#define PAGE_OFFSET (void*)TASK_SIZE

...

char *load_address = PAGE_OFFSET - file_size_aligned;

if(load_address != mmap(load_address, file_size_aligned, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0)){

    err("Failed to allocate memory for raw_binary with: %dn", errno);

    return -1;

}


file_size_aligned comes to a PAGE_SIZE. This is one of the allocations. There is one more that starts from load_address and allocates few more pages backwards (with PROT_READ and PROT_WRITE only).






c linux gdb







share|improve this question

























  • Check this answer: stackoverflow.com/questions/3640095/…. It looks like you need to create function within your program that gives GDB access to those memory regions if you want to inspect them.

    – Paul
    Nov 25 '18 at 8:48











  • @Paul I don't think that question is exactly related. I am not mmap'ing the memory in the kernel space. It is inside the user space - TASK_SIZE - PAGE_SIZE. This memory should be accessible by gdb if it needs to.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 8:52











  • Ah, good point. Can you include the call you are making to mmap? Are you getting an address back from mmap, or you are requesting one?

    – Paul
    Nov 25 '18 at 8:57











  • @Paul I am using MAP_FIXED -- I am passing my own address. Will add the call to mmap.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 9:11











  • Does it work if you remove the MAP_FIXED argument? It would be good to know if using GDB with that address space is the cause rather than a GDB issue in general.

    – Paul
    Nov 25 '18 at 9:29
















0















I have a program that mmaps memory at higher addresses using MAP_FIXED at TASK_SIZE - PAGE_SIZE.



This program runs fine if I execute it, but if I run it with gdb, it segfaults just after the mmap. Also at this point, the gdb state seems to be completely corrupted and it appears that the execution reaches an address range filled with 0's (could be from the new mappings just created).



Does gdb use this address range in the running process? Have I cleared out some of gdb's state? Is this address range documented somewhere?



Following is my call to mmap and the address calculation - 



#define TASK_SIZE64 (0x800000000000UL - 4096)

#define TASK_SIZE TASK_SIZE64

#define PAGE_OFFSET (void*)TASK_SIZE

...

char *load_address = PAGE_OFFSET - file_size_aligned;

if(load_address != mmap(load_address, file_size_aligned, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0)){

    err("Failed to allocate memory for raw_binary with: %dn", errno);

    return -1;

}


file_size_aligned comes to a PAGE_SIZE. This is one of the allocations. There is one more that starts from load_address and allocates few more pages backwards (with PROT_READ and PROT_WRITE only).






c linux gdb







share|improve this question

























  • Check this answer: stackoverflow.com/questions/3640095/…. It looks like you need to create function within your program that gives GDB access to those memory regions if you want to inspect them.

    – Paul
    Nov 25 '18 at 8:48











  • @Paul I don't think that question is exactly related. I am not mmap'ing the memory in the kernel space. It is inside the user space - TASK_SIZE - PAGE_SIZE. This memory should be accessible by gdb if it needs to.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 8:52











  • Ah, good point. Can you include the call you are making to mmap? Are you getting an address back from mmap, or you are requesting one?

    – Paul
    Nov 25 '18 at 8:57











  • @Paul I am using MAP_FIXED -- I am passing my own address. Will add the call to mmap.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 9:11











  • Does it work if you remove the MAP_FIXED argument? It would be good to know if using GDB with that address space is the cause rather than a GDB issue in general.

    – Paul
    Nov 25 '18 at 9:29














0












0








0


1






I have a program that mmaps memory at higher addresses using MAP_FIXED at TASK_SIZE - PAGE_SIZE.



This program runs fine if I execute it, but if I run it with gdb, it segfaults just after the mmap. Also at this point, the gdb state seems to be completely corrupted and it appears that the execution reaches an address range filled with 0's (could be from the new mappings just created).



Does gdb use this address range in the running process? Have I cleared out some of gdb's state? Is this address range documented somewhere?



Following is my call to mmap and the address calculation - 



#define TASK_SIZE64 (0x800000000000UL - 4096)

#define TASK_SIZE TASK_SIZE64

#define PAGE_OFFSET (void*)TASK_SIZE

...

char *load_address = PAGE_OFFSET - file_size_aligned;

if(load_address != mmap(load_address, file_size_aligned, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0)){

    err("Failed to allocate memory for raw_binary with: %dn", errno);

    return -1;

}


file_size_aligned comes to a PAGE_SIZE. This is one of the allocations. There is one more that starts from load_address and allocates few more pages backwards (with PROT_READ and PROT_WRITE only).






c linux gdb







share|improve this question
















I have a program that mmaps memory at higher addresses using MAP_FIXED at TASK_SIZE - PAGE_SIZE.



This program runs fine if I execute it, but if I run it with gdb, it segfaults just after the mmap. Also at this point, the gdb state seems to be completely corrupted and it appears that the execution reaches an address range filled with 0's (could be from the new mappings just created).



Does gdb use this address range in the running process? Have I cleared out some of gdb's state? Is this address range documented somewhere?



Following is my call to mmap and the address calculation - 



#define TASK_SIZE64 (0x800000000000UL - 4096)

#define TASK_SIZE TASK_SIZE64

#define PAGE_OFFSET (void*)TASK_SIZE

...

char *load_address = PAGE_OFFSET - file_size_aligned;

if(load_address != mmap(load_address, file_size_aligned, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0)){

    err("Failed to allocate memory for raw_binary with: %dn", errno);

    return -1;

}


file_size_aligned comes to a PAGE_SIZE. This is one of the allocations. There is one more that starts from load_address and allocates few more pages backwards (with PROT_READ and PROT_WRITE only).






c linux gdb




c linux gdb






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 25 '18 at 9:15







Ajay Brahmakshatriya

















asked Nov 25 '18 at 8:44









Ajay BrahmakshatriyaAjay Brahmakshatriya

6,96531636




6,96531636













  • Check this answer: stackoverflow.com/questions/3640095/…. It looks like you need to create function within your program that gives GDB access to those memory regions if you want to inspect them.

    – Paul
    Nov 25 '18 at 8:48











  • @Paul I don't think that question is exactly related. I am not mmap'ing the memory in the kernel space. It is inside the user space - TASK_SIZE - PAGE_SIZE. This memory should be accessible by gdb if it needs to.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 8:52











  • Ah, good point. Can you include the call you are making to mmap? Are you getting an address back from mmap, or you are requesting one?

    – Paul
    Nov 25 '18 at 8:57











  • @Paul I am using MAP_FIXED -- I am passing my own address. Will add the call to mmap.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 9:11











  • Does it work if you remove the MAP_FIXED argument? It would be good to know if using GDB with that address space is the cause rather than a GDB issue in general.

    – Paul
    Nov 25 '18 at 9:29



















  • Check this answer: stackoverflow.com/questions/3640095/…. It looks like you need to create function within your program that gives GDB access to those memory regions if you want to inspect them.

    – Paul
    Nov 25 '18 at 8:48











  • @Paul I don't think that question is exactly related. I am not mmap'ing the memory in the kernel space. It is inside the user space - TASK_SIZE - PAGE_SIZE. This memory should be accessible by gdb if it needs to.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 8:52











  • Ah, good point. Can you include the call you are making to mmap? Are you getting an address back from mmap, or you are requesting one?

    – Paul
    Nov 25 '18 at 8:57











  • @Paul I am using MAP_FIXED -- I am passing my own address. Will add the call to mmap.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 9:11











  • Does it work if you remove the MAP_FIXED argument? It would be good to know if using GDB with that address space is the cause rather than a GDB issue in general.

    – Paul
    Nov 25 '18 at 9:29

















Check this answer: stackoverflow.com/questions/3640095/…. It looks like you need to create function within your program that gives GDB access to those memory regions if you want to inspect them.

– Paul
Nov 25 '18 at 8:48





Check this answer: stackoverflow.com/questions/3640095/…. It looks like you need to create function within your program that gives GDB access to those memory regions if you want to inspect them.

– Paul
Nov 25 '18 at 8:48













@Paul I don't think that question is exactly related. I am not mmap'ing the memory in the kernel space. It is inside the user space - TASK_SIZE - PAGE_SIZE. This memory should be accessible by gdb if it needs to.

– Ajay Brahmakshatriya
Nov 25 '18 at 8:52





@Paul I don't think that question is exactly related. I am not mmap'ing the memory in the kernel space. It is inside the user space - TASK_SIZE - PAGE_SIZE. This memory should be accessible by gdb if it needs to.

– Ajay Brahmakshatriya
Nov 25 '18 at 8:52













Ah, good point. Can you include the call you are making to mmap? Are you getting an address back from mmap, or you are requesting one?

– Paul
Nov 25 '18 at 8:57





Ah, good point. Can you include the call you are making to mmap? Are you getting an address back from mmap, or you are requesting one?

– Paul
Nov 25 '18 at 8:57













@Paul I am using MAP_FIXED -- I am passing my own address. Will add the call to mmap.

– Ajay Brahmakshatriya
Nov 25 '18 at 9:11





@Paul I am using MAP_FIXED -- I am passing my own address. Will add the call to mmap.

– Ajay Brahmakshatriya
Nov 25 '18 at 9:11













Does it work if you remove the MAP_FIXED argument? It would be good to know if using GDB with that address space is the cause rather than a GDB issue in general.

– Paul
Nov 25 '18 at 9:29





Does it work if you remove the MAP_FIXED argument? It would be good to know if using GDB with that address space is the cause rather than a GDB issue in general.

– Paul
Nov 25 '18 at 9:29












1 Answer
1






active

oldest

votes


















1















Does gdb use this address range in the running process?




No.




Have I cleared out some of gdb's state?




No.




Is this address range documented somewhere?




Possibly in kernel sources.



Your program makes invalid assumptions about available address space, and "blows itself up" when run with ASLR turned off (which GDB does by default).



You can confirm this by running your program outside GDB, but with ASLR disabled. It should also crash. Try one of these:



# echo 0 > /proc/sys/kernel/randomize_va_space


or



setarch $(uname -m) -R /path/to/exe


You can also confirm that your program will run under GDB if you enable ASLR:



gdb /path/to/exe

(gdb) set disable-randomization off

(gdb) run





share|improve this answer
























  • Alright, this makes a lot more sense. I actually have to acquire an address range according to some other constraints too. So I am trying not to use mmap(NULL, ...). The address range I had used satisfied the other constraint. I thought this would be free for most processes too. Didn't realize with ASRL turned off, the mapping starts right from the bottom.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 19:34











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53465930%2faddress-ranges-reserved-by-gdb%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









1















Does gdb use this address range in the running process?




No.




Have I cleared out some of gdb's state?




No.




Is this address range documented somewhere?




Possibly in kernel sources.



Your program makes invalid assumptions about available address space, and "blows itself up" when run with ASLR turned off (which GDB does by default).



You can confirm this by running your program outside GDB, but with ASLR disabled. It should also crash. Try one of these:



# echo 0 > /proc/sys/kernel/randomize_va_space


or



setarch $(uname -m) -R /path/to/exe


You can also confirm that your program will run under GDB if you enable ASLR:



gdb /path/to/exe

(gdb) set disable-randomization off

(gdb) run





share|improve this answer
























  • Alright, this makes a lot more sense. I actually have to acquire an address range according to some other constraints too. So I am trying not to use mmap(NULL, ...). The address range I had used satisfied the other constraint. I thought this would be free for most processes too. Didn't realize with ASRL turned off, the mapping starts right from the bottom.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 19:34
















1















Does gdb use this address range in the running process?




No.




Have I cleared out some of gdb's state?




No.




Is this address range documented somewhere?




Possibly in kernel sources.



Your program makes invalid assumptions about available address space, and "blows itself up" when run with ASLR turned off (which GDB does by default).



You can confirm this by running your program outside GDB, but with ASLR disabled. It should also crash. Try one of these:



# echo 0 > /proc/sys/kernel/randomize_va_space


or



setarch $(uname -m) -R /path/to/exe


You can also confirm that your program will run under GDB if you enable ASLR:



gdb /path/to/exe

(gdb) set disable-randomization off

(gdb) run





share|improve this answer
























  • Alright, this makes a lot more sense. I actually have to acquire an address range according to some other constraints too. So I am trying not to use mmap(NULL, ...). The address range I had used satisfied the other constraint. I thought this would be free for most processes too. Didn't realize with ASRL turned off, the mapping starts right from the bottom.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 19:34














1












1








1








Does gdb use this address range in the running process?




No.




Have I cleared out some of gdb's state?




No.




Is this address range documented somewhere?




Possibly in kernel sources.



Your program makes invalid assumptions about available address space, and "blows itself up" when run with ASLR turned off (which GDB does by default).



You can confirm this by running your program outside GDB, but with ASLR disabled. It should also crash. Try one of these:



# echo 0 > /proc/sys/kernel/randomize_va_space


or



setarch $(uname -m) -R /path/to/exe


You can also confirm that your program will run under GDB if you enable ASLR:



gdb /path/to/exe

(gdb) set disable-randomization off

(gdb) run





share|improve this answer














Does gdb use this address range in the running process?




No.




Have I cleared out some of gdb's state?




No.




Is this address range documented somewhere?




Possibly in kernel sources.



Your program makes invalid assumptions about available address space, and "blows itself up" when run with ASLR turned off (which GDB does by default).



You can confirm this by running your program outside GDB, but with ASLR disabled. It should also crash. Try one of these:



# echo 0 > /proc/sys/kernel/randomize_va_space


or



setarch $(uname -m) -R /path/to/exe


You can also confirm that your program will run under GDB if you enable ASLR:



gdb /path/to/exe

(gdb) set disable-randomization off

(gdb) run






share|improve this answer












share|improve this answer



share|improve this answer










answered Nov 25 '18 at 16:10









Employed RussianEmployed Russian

126k20169239




126k20169239













  • Alright, this makes a lot more sense. I actually have to acquire an address range according to some other constraints too. So I am trying not to use mmap(NULL, ...). The address range I had used satisfied the other constraint. I thought this would be free for most processes too. Didn't realize with ASRL turned off, the mapping starts right from the bottom.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 19:34



















  • Alright, this makes a lot more sense. I actually have to acquire an address range according to some other constraints too. So I am trying not to use mmap(NULL, ...). The address range I had used satisfied the other constraint. I thought this would be free for most processes too. Didn't realize with ASRL turned off, the mapping starts right from the bottom.

    – Ajay Brahmakshatriya
    Nov 25 '18 at 19:34

















Alright, this makes a lot more sense. I actually have to acquire an address range according to some other constraints too. So I am trying not to use mmap(NULL, ...). The address range I had used satisfied the other constraint. I thought this would be free for most processes too. Didn't realize with ASRL turned off, the mapping starts right from the bottom.

– Ajay Brahmakshatriya
Nov 25 '18 at 19:34





Alright, this makes a lot more sense. I actually have to acquire an address range according to some other constraints too. So I am trying not to use mmap(NULL, ...). The address range I had used satisfied the other constraint. I thought this would be free for most processes too. Didn't realize with ASRL turned off, the mapping starts right from the bottom.

– Ajay Brahmakshatriya
Nov 25 '18 at 19:34




















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53465930%2faddress-ranges-reserved-by-gdb%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Costa Masnaga

Image
.mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento Lombardia non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Costa Masnaga comune Localizzazione Stato   Italia Regione Lombardia Provincia Lecco Amministrazione Sindaco Sabina Panzeri (Al centro il cittadino) dall'08/06/2009 Territorio Coordinate 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Coordinate: 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Altitudine 318 m s.l.m...
Read more

Fotorealismo

Image
Guerrino Boatto, Venice's St. Barnaba Church and canal Il fotorealismo è un genere di pittura basato sull'uso di una o più fotografie dalle quali l'artista prende le informazioni necessarie da utilizzare poi nel processo della creazione dell'opera, in genere ad olio o ad acrilico, al fine di avere un aspetto finale il più simile possibile alla fotografia. Indice 1 Storia 2 Lista dei fotorealisti 3 Note 4 Voci correlate 5 Altri progetti Storia | Il fotorealismo è un movimento che nasce negli Stati Uniti d'America alla fine degli anni sessanta [1] sulla scia della Pop Art [2] [3] [4] , e insieme condividono il carattere reazionario verso la travolgente ascesa dei media, che alla metà del ventesimo secolo si trasforma in un fenomeno di massa talmente imponente da minacciare il valore dell'immagine nell'arte. [5] [6] Ne consegue così che, colto il gesto d'inizio che fu della Pop Art, i fotorealisti aprono ad un ...
Read more

Sidney Franklin

Image
Questa voce sull'argomento registi statunitensi è solo un abbozzo . Contribuisci a migliorarla secondo le convenzioni di Wikipedia. Sidney Franklin, foto di Carl Van Vechten Oscar alla memoria Irving G. Thalberg 1943 Sidney Franklin , all'anagrafe Sidney Arnold Franklin , (San Francisco, 21 marzo 1893 – Santa Monica, 18 maggio 1972), è stato un regista, produttore cinematografico e attore statunitense. Il 20 giugno 1963, si sposò con l'attrice australiana Enid Bennett. Il matrimonio durò fino alla morte dell'attrice, il 14 maggio 1969 [1] Indice 1 Filmografia 1.1 Regista 1.2 Aiuto regia (parziale) 1.3 Produttore 1.4 Attore (parziale) 2 Note 3 Altri progetti 4 Collegamenti esterni Filmografia | Regista | The Baby , co-regia Chester M. Franklin (1915) The Rivals , co-regia Chester M. Franklin (1915) Little Dick's First Case , co-regia Chester M. Franklin (1915) Her Filmland Hero , co-...
Read more