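I would like to inspect the contents of vsyscall_gtod_data (which holds all the timekeeping information needed for clock_gettime() to work).
I am single-stepping through the assembly of __vdso_clock_gettime() with gdb, and I am looking at the following section: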
0x00007ffff7ffaa71 <clock_gettime+129>: cmp eax,DWORD PTR [rbx]
0x00007ffff7ffaa73 <clock_gettime+131>: je 0x7ffff7ffaa47 <clock_gettime+87>
0x00007ffff7ffaa75 <clock_gettime+133>: jmp 0x7ffff7ffaa56 <clock_gettime+102>
0x00007ffff7ffaa77 <clock_gettime+135>: pause
0x00007ffff7ffaa79 <clock_gettime+137>: mov r12d,DWORD PTR [rbx]
=> 0x00007ffff7ffaa7c <clock_gettime+140>: test r12b,0x1
0x00007ffff7ffaa80 <clock_gettime+144>: jne 0x7ffff7ffaa77 <clock_gettime+135>
0x00007ffff7ffaa82 <clock_gettime+146>: mov eax,DWORD PTR [rip+0xffffffffffffd5fc] # 0x7ffff7ff8084
0x00007ffff7ffaa88 <clock_gettime+152>: mov DWORD PTR [rbp-0x1c],eax
0x00007ffff7ffaa8b <clock_gettime+155>: mov rax,QWORD PTR [rip+0xffffffffffffd61e] # 0x7ffff7ff80b0
0x00007ffff7ffaa92 <clock_gettime+162>: mov QWORD PTR [rsi],rax
0x00007ffff7ffaa95 <clock_gettime+165>: mov edx,DWORD PTR [rip+0xffffffffffffd5e9] # 0x7ffff7ff8084
0x00007ffff7ffaa9b <clock_gettime+171>: mov r10,QWORD PTR [rip+0xffffffffffffd616] # 0x7ffff7ff80b8
0x00007ffff7ffaaa2 <clock_gettime+178>: cmp edx,0x1
0x00007ffff7ffaaa5 <clock_gettime+181>: je 0x7ffff7ffabc0 <clock_gettime+464>
I believe this is the assembly for the following C code (from linux-4.8.0/arch/x86/include/asm/vgtod.h):
static inline unsigned gtod_read_begin(const struct vsyscall_gtod_data *s)
{
	unsigned ret;

repeat:
	ret = ACCESS_ONCE(s->seq);
	if (unlikely(ret & 1)) {
		cpu_relax();
		goto repeat;
	}
	smp_rmb();
	return ret;
}
(The assembly instruction pause matches cpu_relax().)
As I understand it, struct vsyscall_gtod_data *s is held in rbx, and the address is read in this instruction:
mov r12d,DWORD PTR [rbx]
This means the program being debugged can read this address, but when I try to examine it in gdb, I get an error:
(gdb) x $rbx
0x7ffff7ff8080: Cannot access memory at address 0x7ffff7ff8080
(gdb)
Any ideas about what is going on and how I can examine that memory?
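
An added example, not part of the original question: a C routine that finds which mapping in /proc/<pid>/maps-format text contains a given address, a first check when a debugger cannot read an address the program itself reads. The maps text is a constructed sample whose ranges are assumptions chosen to cover the addresses in the post; the struct and function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format (not captured from the
 * poster's system); ranges are assumed so they cover the post's addresses. */
static const char *SAMPLE_MAPS =
    "00400000-00401000 r-xp 00000000 08:01 131 /tmp/a.out\n"
    "7ffff7fd0000-7ffff7fd3000 rw-p 00000000 00:00 0\n"
    "7ffff7ff8000-7ffff7ffa000 r--p 00000000 00:00 0 [vvar]\n"
    "7ffff7ffa000-7ffff7ffc000 r-xp 00000000 00:00 0 [vdso]\n"
    "7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]\n";

struct mapping {
    unsigned long start, end;
    char perms[5];
    char name[64];   /* empty for anonymous mappings */
};

/* Find the mapping in maps-format text that contains addr.
 * Returns 1 and fills *out on a hit, 0 if no line covers addr. */
int find_mapping(const char *maps, unsigned long addr, struct mapping *out)
{
    while (*maps) {
        size_t len = strcspn(maps, "\n");
        char buf[256];
        struct mapping m = {0};
        if (len < sizeof buf) {
            /* Parse one line at a time so a missing name cannot
             * make sscanf run on into the next line. */
            memcpy(buf, maps, len);
            buf[len] = '\0';
            if (sscanf(buf, "%lx-%lx %4s %*s %*s %*s %63[^\n]",
                       &m.start, &m.end, m.perms, m.name) >= 3 &&
                addr >= m.start && addr < m.end) {
                *out = m;
                return 1;
            }
        }
        maps += len;
        if (*maps == '\n') maps++;
    }
    return 0;
}

int main(void)
{
    struct mapping m;
    unsigned long addr = 0x7ffff7ff8080UL;   /* value of $rbx in the post */
    if (find_mapping(SAMPLE_MAPS, addr, &m))
        printf("%#lx -> %lx-%lx %s %s\n", addr, m.start, m.end, m.perms, m.name);
    return 0;
}
```

On x86-64 Linux the vDSO code reads its data from the [vvar] mapping, which the kernel sets up as a special I/O (PFN) mapping; ptrace-based reads such as gdb's x fail on it even though the process itself can load from it.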