c++ - 寻找tracee的会合结构(正在调试的程序)

Question

我需要我正在编写的调试器为我提供正在调试的程序正在链接或动态加载的共享库的名称。我得到了 link.h 中描述的会合结构，并在 _DYNAMIC[] 循环中使用 DT_DEBUG 回答了其他问题。首先，调试器永远不会碰到设置在 r_brk 的断点。然后我在正在调试的程序中打断，并使用 link_map 打印所有加载的库。它只打印调试器加载的库，而不打印被调试的程序。看来，我得到的会合结构属于调试器本身。如果是这样，你能告诉我如何获得我正在调试的程序的会合结构吗？如果我正在做的事情必须奏效，您的确认将很有帮助，也许还有一些关于可能还需要什么的提示。谢谢。

Answer 1

// You need to include <link.h>. All structures are explained
// in elf(5) manual pages.
// Caller has opened "prog_name", the debugee, and fd is the
// file descriptor. You can send the name instead, and do open()
// here.
// Debugger is tracing the debugee, so we are using ptrace().

void getRandezvousStructure(int fd, pid_t pd, r_debug& rendezvous) {

    Elf64_Ehdr elfHeader;
    char* elfHdrPtr = (char*) &elfHeader;
    read(fd, elfHdrPtr, sizeof(elfHeader));

    Elf64_Addr debugeeEntry = elfHeader.e_entry; // entry point of debugee

// Here, set a break at debugeeEntry, and after "PTRACE_CONT",
// and waitpid(), remove the break, and set rip back to debugeeEntry.
// After that, here it goes.

    lseek(fd, elfHeader.e_shoff, SEEK_SET); // offset of section header

    Elf64_Shdr secHeader;
    elfHdrPtr = (char*) &secHeader;
    Elf64_Dyn* dynPtr;

// Keep reading until we get: secHeader.sh_addr.
// That is the address of _DYNAMIC.

    for (int i = 0; i < elfHeader.e_shnum; i++) {
        read(fd, elfHdrPtr, elfHeader.e_shentsize);
        if (secHeader.sh_type == SHT_DYNAMIC) {
            dynPtr = (Elf64_Dyn*) secHeader.sh_addr; // address of _DYNAMIC
            break;
        }
    }

// Here, we get "dynPtr->d_un.d_ptr" which points to rendezvous
// structure, r_debug

    uint64_t data;

    for (;; dynPtr++) {
        data = ptrace(PTRACE_PEEKDATA, pd, dynPtr, 0);
        if (data == DT_NULL) break;
        if (data == DT_DEBUG) {
            data = ptrace(PTRACE_PEEKDATA, pd, (uint64_t) dynPtr + 8 , 0);
            break;
        }
    }

// Using ptrace() we read sufficient chunk of memory of debugee
// to copy to rendezvous.

    int ren_size = sizeof(rendezvous);
    char* buffer = new char[2 * ren_size];
    char* p = buffer;
    int total = 0;
    uint64_t value;

    for (;;) {
        value = ptrace(PTRACE_PEEKDATA, pd, data, 0);
        memcpy(p, &value, sizeof(value));
        total += sizeof(value);
        if (total > ren_size + sizeof(value)) break;
        data += sizeof(data);
        p += sizeof(data);
    }

// Finally, copy the memory to rendezvous, which was
// passed by reference.

    memcpy(&rendezvous, buffer, ren_size);
    delete [] buffer;
}