我在用vmware的debugstub调试linux内核进程的时候,发现了一个很奇怪的情况。 我在 sys_execve 中设置断点并打开 chrome,它确实中断了,但我发现 thread_info 结构总是被 0 填充。
Breakpoint 1, SyS_execve (filename=139842677234776, argv=139842677234848, envp=139843191453696)
at /build/linux-lts-utopic-V0z0lI/linux-lts-utopic-3.16.0/fs/exec.c:1630
1630 in /build/linux-lts-utopic-V0z0lI/linux-lts-utopic-3.16.0/fs/exec.c
(gdb) set $hehe = (struct thread_info *)(((long)$rsp & 0xffffffffffffe000))
(gdb) print *$hehe
$21 = {
task = 0x0 <irq_stack_union>,
exec_domain = 0x0 <irq_stack_union>,
flags = 0,
status = 0,
cpu = 0,
saved_preempt_count = 0,
addr_limit = {
seg = 0
},
restart_block = {
fn = 0x0 <irq_stack_union>,
{
futex = {
uaddr = 0x0 <irq_stack_union>,
val = 0,
flags = 0,
bitset = 0,
time = 0,
uaddr2 = 0x0 <irq_stack_union>
},
nanosleep = {
clockid = 0,
rmtp = 0x0 <irq_stack_union>,
compat_rmtp = 0x0 <irq_stack_union>,
expires = 0
},
poll = {
ufds = 0x0 <irq_stack_union>,
nfds = 0,
has_timeout = 0,
tv_sec = 0,
tv_nsec = 0
}
}
},
sysenter_return = 0x0 <irq_stack_union>,
sig_on_uaccess_error = 0,
uaccess_err = 0
}
然后我在 32 位 ubuntu 14.04 中尝试了相同的操作,一切正常。
(gdb) set $hehe = (struct thread_info *)((long)$esp & 0xffffe000)
(gdb) print *$hehe
$1 = {task = 0xc1980a40 <init_task>, exec_domain = 0xc198ef80 <default_exec_domain>, flags = 0, status = 0, cpu = 0, saved_preempt_count = -2147483648,
addr_limit = {seg = 4294967295}, restart_block = {fn = 0xc106d520 <do_no_restart_syscall>, {futex = {uaddr = 0x0, val = 0, flags = 0, bitset = 0, time = 0,
uaddr2 = 0x0}, nanosleep = {clockid = 0, rmtp = 0x0, expires = 0}, poll = {ufds = 0x0, nfds = 0, has_timeout = 0, tv_sec = 0, tv_nsec = 0}}},
sysenter_return = 0x0, sig_on_uaccess_error = 0, uaccess_err = 0}
我想知道是什么让这些发生了。 默认的 PAGE_SIZE 不是 4KB 吗?或者线程堆栈不是 THREAD_SIZE (2*PAGE_SIZE) 大?
最佳答案
堆栈为 16KB 已经有一段时间了。我不明白你为什么要玩猜谜游戏,也不明白你为什么要寻找 thread_info。如果您正在尝试获取 task_struct,您可以通过 %gs 获取它。
关于linux - 为什么linux(x86_64)中的thread_info结构被0填充?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35647769/