lhx@ubuntu:~$ /lib/x86_64-linux-gnu/libc.so.6 GNU C Library (Ubuntu GLIBC 2.31-0ubuntu9.9) stable release version 2.31. Copyright (C) 2020 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Compiled by GNU CC version 9.4.0. libc ABIs: UNIQUE IFUNC ABSOLUTE For bug reporting instructions, please see: <https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>. lhx@ubuntu:~$
gdb 调试探索过程
接下来,打算用 gdb 调试下,分析下这个有趣的现象。
定位入口函数
安装好 glibc 调试符号后,开始调试,发现在 main 函数设断点无法识别,推测入口函数可能不是 main。
1 2 3 4 5 6
lhx@ubuntu:~$ gdb /lib/x86_64-linux-gnu/libc.so.6 Reading symbols from /lib/x86_64-linux-gnu/libc.so.6... Reading symbols from /usr/lib/debug/.build-id/18/78e6b475720c7c51969e69ab2d276fae6d1dee.debug... (gdb) b main Function "main" not defined. (gdb)
然后通过猜测模糊搜索下关于 main 关键字的函数,发现 version.c 文件里__libc_main(void) 函数比较接近,还可以结合源码来定位入口函数。
(gdb) b __libc_main Breakpoint 1 at 0x241c0: file version.c, line 70. (gdb) r Starting program: /usr/lib/x86_64-linux-gnu/libc.so.6 warning: Probes-based dynamic linker interface failed. Reverting to original interface.
Breakpoint 1, __libc_main () at version.c:70 70 version.c: 没有那个文件或目录. (gdb)
然后手动设置下源码搜索路径:
1 2 3 4 5 6 7 8 9 10 11 12 13
(gdb) directory ~/glibc/glibc-2.31/csu/ Source directories searched: /home/lhx/glibc/glibc-2.31/csu:$cdir:$cwd (gdb) list 65 Running the library as a program will get here. */ 66 67externvoid __libc_main (void) __attribute__ ((noreturn)); 68void 69 __libc_main (void) 70 { 71 __libc_print_version (); 72 _exit (0); 73 } (gdb)
找到根源
接着单步调试,并进入函数一探究竟。发现版本信息正是被保存在 banner 数组里面。
1 2 3 4 5 6 7 8 9 10 11 12 13
(gdb) s 71 __libc_print_version (); (gdb) s __libc_print_version () at version.c:45 45 __write (STDOUT_FILENO, banner, sizeof banner - 1); (gdb) bt #0 __libc_print_version () at version.c:45 #1 __libc_main () at version.c:71 (gdb) p banner $1 = "GNU C Library (Ubuntu GLIBC 2.31-0ubuntu9.9) stable release version 2.31.\nCopyright (C) 2020 Free Software Foundation, Inc.\nThis is free software; see the source for copying conditions.\nThere is NO wa"... (gdb) set print elements unlimited (gdb) p banner $2 = "GNU C Library (Ubuntu GLIBC 2.31-0ubuntu9.9) stable release version 2.31.\nCopyright (C) 2020 Free Software Foundation, Inc.\nThis is free software; see the source for copying conditions.\nThere is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A\nPARTICULAR PURPOSE.\nCompiled by GNU CC version 9.4.0.\nlibc ABIs: UNIQUE IFUNC ABSOLUTE\nFor bug reporting instructions, please see:\n<https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>.\n"