**
[ 105.823895] BUG: unable to handle kernel paging request at ffffffffc06ed026
[ 105.823899] PGD 13c80e067 P4D 13c80e067 PUD 13c810067 PMD 12f1d0067 PTE 0
[ 105.823901] Oops: 0010 [#1] SMP NOPTI
[ 105.823903] CPU: 2 PID: 2935 Comm: bash Tainted: G OE 4.19.67-2018202030 #7
[ 105.823904] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020
[ 105.823907] RIP: 0010:0xffffffffc06ed026
[ 105.823910] Code: Bad RIP value.
[ 105.823910] RSP: 0018:ffffb129843cbf28 EFLAGS: 00010286
[ 105.823911] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffff8e4e001cb900
[ 105.823912] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8e4e2918f2d8
[ 105.823913] RBP: ffffb129843cbf28 R08: 0000000000000000 R09: 0000000000000000
[ 105.823913] R10: ffffb129843cbe98 R11: 0000000000000000 R12: ffffb129843cbf58
[ 105.823914] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 105.823915] FS: 00007fd974ed2700(0000) GS:ffff8e4e3de80000(0000) knlGS:0000000000000000
[ 105.823915] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 105.823916] CR2: ffffffffc06ecffc CR3: 00000000b5d0e000 CR4: 0000000000340ee0
[ 105.823932] Call Trace:
[ 105.823938] do_syscall_64+0x5a/0x110
[ 105.823941] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 105.823942] RIP: 0033:0x7fd9745c6360
[ 105.823943] Code: 0b 31 c0 48 83 c4 08 e9 ae fe ff ff 48 8d 3d 27 b4 09 00 e8 b2 1e 02 00 66 90 83 3d e9 23 2d 00 00 75 10 b8 00 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 5e de 01 00 48 89 04 24
[ 105.823944] RSP: 002b:00007ffeb6b5eb98 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 105.823945] RAX: ffffffffffffffda RBX: 00007fd9748938e0 RCX: 00007fd9745c6360
[ 105.823946] RDX: 0000000000000001 RSI: 00007ffeb6b5eba7 RDI: 0000000000000000
[ 105.823946] RBP: 00000000004d7d4a R08: 00007fd974895770 R09: 00007fd974ed2700
[ 105.823947] R10: 662f37362e39312e R11: 0000000000000246 R12: 000000000045f7d0
[ 105.823947] R13: 0000000000000001 R14: 0000000000000000 R15: 00007ffeb6b5ed60
[ 105.823948] Modules linked in: rfcomm bnep snd_ens1371 snd_ac97_codec gameport ac97_bus btusb btrtl snd_pcm crct10dif_pclmul snd_seq_midi snd_seq_midi_event crc32_pclmul ghash_clmulni_intel snd_rawmidi vmw_balloon pcbc snd_seq snd_seq_device snd_timer btbcm btintel snd bluetooth aesni_intel aes_x86_64 crypto_simd cryptd glue_helper input_leds joydev serio_raw soundcore ecdh_generic i2c_piix4 mac_hid vmw_vsock_vmci_transport vsock vmw_vmci parport_pc ppdev lp parport autofs4 hid_generic usbhid hid vmwgfx ttm drm_kms_helper mptspi mptscsih syscopyarea sysfillrect mptbase sysimgblt fb_sys_fops drm psmouse e1000 scsi_transport_spi ahci libahci pata_acpi [last unloaded: ftracehooking]
[ 105.823975] CR2: ffffffffc06ed026
[ 105.823976] ---[ end trace 2530693e2a17bef8 ]---
[ 105.823977] RIP: 0010:0xffffffffc06ed026
[ 105.823978] Code: Bad RIP value.
[ 105.823979] RSP: 0018:ffffb129843cbf28 EFLAGS: 00010286
[ 105.823980] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffff8e4e001cb900
[ 105.823980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8e4e2918f2d8
[ 105.823981] RBP: ffffb129843cbf28 R08: 0000000000000000 R09: 0000000000000000
[ 105.823981] R10: ffffb129843cbe98 R11: 0000000000000000 R12: ffffb129843cbf58
[ 105.823982] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 105.823983] FS: 00007fd974ed2700(0000) GS:ffff8e4e3de80000(0000) knlGS:0000000000000000
[ 105.823983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 105.823984] CR2: ffffffffc06ecffc CR3: 00000000b5d0e000 CR4: 0000000000340ee0
[ 105.829428] BUG: unable to handle kernel paging request at ffffffffc06ed026
[ 105.829433] PGD 13c80e067 P4D 13c80e067 PUD 13c810067 PMD 12f1d0067 PTE 0
[ 105.829439] Oops: 0010 [#2] SMP NOPTI
[ 105.829442] CPU: 1 PID: 1024 Comm: in:imklog Tainted: G D OE 4.19.67-2018202030 #7
[ 105.829444] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020
[ 105.829450] RIP: 0010:0xffffffffc06ed026
[ 105.829455] Code: Bad RIP value.
[ 105.829456] RSP: 0018:ffffb12981b6bf28 EFLAGS: 00010286
[ 105.829459] RAX: 0000000000000ea7 RBX: 0000000000000000 RCX: 0000000000000000
[ 105.829460] RDX: ffff8e4e0003ae00 RSI: 0000000000000000 RDI: ffff8e4d979eb200
[ 105.829461] RBP: ffffb12981b6bf28 R08: 0000000000000000 R09: 0000000000000000
[ 105.829463] R10: ffffb12981b6be98 R11: ffff8e4e3d806e80 R12: ffffb12981b6bf58
[ 105.829464] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 105.829466] FS: 00007f3d4182d700(0000) GS:ffff8e4e3de40000(0000) knlGS:0000000000000000
[ 105.829468] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 105.829469] CR2: ffffffffc06ecffc CR3: 0000000134a30000 CR4: 0000000000340ee0
[ 105.829496] Call Trace:
[ 105.829505] do_syscall_64+0x5a/0x110
[ 105.829510] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 105.829512] RIP: 0033:0x7f3d43c7c51d
[ 105.829515] Code: be 20 00 00 75 10 b8 00 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 4e fc ff ff 48 89 04 24 b8 00 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 97 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 105.829516] RSP: 002b:00007f3d4180c580 EFLAGS: 00000293 ORIG_RAX: 0000000000000000
[ 105.829518] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3d43c7c51d
[ 105.829520] RDX: 0000000000001fa0 RSI: 00007f3d4180cda0 RDI: 0000000000000004
[ 105.829521] RBP: 00000000011c8320 R08: 0000000000000000 R09: 0000000000000000
[ 105.829522] R10: 00007f3d4180c3d0 R11: 0000000000000293 R12: 00007f3d4180cda0
[ 105.829524] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f3d4180ce98
[ 105.829526] Modules linked in: rfcomm bnep snd_ens1371 snd_ac97_codec gameport ac97_bus btusb btrtl snd_pcm crct10dif_pclmul snd_seq_midi snd_seq_midi_event crc32_pclmul ghash_clmulni_intel snd_rawmidi vmw_balloon pcbc snd_seq snd_seq_device snd_timer btbcm btintel snd bluetooth aesni_intel aes_x86_64 crypto_simd cryptd glue_helper input_leds joydev serio_raw soundcore ecdh_generic i2c_piix4 mac_hid vmw_vsock_vmci_transport vsock vmw_vmci parport_pc ppdev lp parport autofs4 hid_generic usbhid hid vmwgfx ttm drm_kms_helper mptspi mptscsih syscopyarea sysfillrect mptbase sysimgblt fb_sys_fops drm psmouse e1000 scsi_transport_spi ahci libahci pata_acpi [last unloaded: ftracehooking]
[ 105.829632] CR2: ffffffffc06ed026
[ 105.829635] ---[ end trace 2530693e2a17bef9 ]---
[ 105.829638] RIP: 0010:0xffffffffc06ed026
[ 105.829641] Code: Bad RIP value.
[ 105.829643] RSP: 0018:ffffb129843cbf28 EFLAGS: 00010286
[ 105.829644] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffff8e4e001cb900
[ 105.829646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8e4e2918f2d8
[ 105.829647] RBP: ffffb129843cbf28 R08: 0000000000000000 R09: 0000000000000000
[ 105.829648] R10: ffffb129843cbe98 R11: 0000000000000000 R12: ffffb129843cbf58
[ 105.829649] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 105.829651] FS: 00007f3d4182d700(0000) GS:ffff8e4e3de40000(0000) knlGS:0000000000000000
[ 105.829653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 105.829654] CR2: ffffffffc06ecffc CR3: 0000000134a30000 CR4: 0000000000340ee0
os2018202030#ubuntu:~$**
I learning operating systems. I made a system call hooking and I found that it has a problem with removing it.
Although the system call hooking I made works fine. But when I remove the module from the kernel, it gives this kind of error message. I assume this kind of error is related to the page size of "syscall_table", but I can't find any relation between "syscall_table" and the address that the error message gave me. (I printed syscall_table address, gave me an address starting with 0000XXXXXX.)
those are the header files that I include.
#include <linux/module.h>
#include <linux/highmem.h>
#include <linux/kallsyms.h>
#include <linux/syscalls.h>
#include <asm/syscall_wrapper.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/version.h>
#include <linux/namei.h>
#include <linux/sched.h>
those are codes that I've written.
#include "./ftracehooking.h"
#define __NR_ftrace 336 //trace system call identifier
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Jiyong Park");
MODULE_DESCRIPTION("ftrace hook");
MODULE_VERSION("0.1");
/*
trace variables
*/
int read_count = 0;
int read_bytes = 0;
int write_count = 0;
int write_bytes = 0;
int open_count = 0;
char open_file[NAME_MAX] = {0 };
int close_count = 0;
int lseek_count = 0;
/*
make trace variables accessable from dynamically inserted modules
*/
EXPORT_SYMBOL(read_count);
EXPORT_SYMBOL(read_bytes);
EXPORT_SYMBOL(write_count);
EXPORT_SYMBOL(write_bytes);
EXPORT_SYMBOL(open_count);
EXPORT_SYMBOL(open_file);
EXPORT_SYMBOL(close_count);
EXPORT_SYMBOL(lseek_count);
void **syscall_table; //pointer to syscall table
static asmlinkage int (* orig_ftrace)(const struct pt_regs *reg); //a pointer to original syscall
static asmlinkage int hook_ftrace(const struct pt_regs *reg) //a ftrace hooking syscall
{
pid_t pid = reg->di; //get first argument of the pt_regs structure
if(pid != 0) //if current process is parent process whose pid is not 0
{
/*
initialize variables
*/
read_count = 0;
read_bytes = 0;
write_count = 0;
write_bytes = 0;
open_count = 0;
open_file[0] = '\0';
close_count = 0;
lseek_count = 0;
printk(KERN_INFO "OS Assignment2 ftrace [%d] Start\n", pid); //print kernel message
}
else
{
/*
if it is child process whose pid is 0, print kernel message below
we can get current file name from task_struct *current
*/
printk(KERN_INFO "[2018202030] %s file[%s] start [x] read - %d / written - %d\n", current->comm, open_file, read_bytes, write_bytes);
printk(KERN_INFO "open[%d] close[%d] read[%d] write[%d] lseek[%d]\n", open_count, close_count, read_count, write_count, lseek_count);
printk(KERN_INFO "OS Assignment2 ftrace [%d] End\n", pid);
}
return orig_ftrace(reg); //call original ftrace syscall and return its return value
}
/*
get read and write permission at address
*/
void make_rw(void *addr)
{
unsigned int level;
pte_t *pte = lookup_address((u64)addr, &level); //get page table entry of address
if(pte->pte &~ _PAGE_RW) //if there is no write permission on the address
pte->pte |= _PAGE_RW; //turn on read write permission
}
/*
retrieve read only permission at address
*/
void make_ro(void *addr)
{
unsigned int level;
pte_t *pte = lookup_address((u64)addr, &level); //get page table entry of address
pte->pte = pte->pte &~ _PAGE_RW; //eliminate write permission
}
static int __init hooking_init(void)
{
syscall_table = (void **)kallsyms_lookup_name("sys_call_table"); //get syscall table entry
make_rw(syscall_table); //get page write permission
orig_ftrace = syscall_table[__NR_ftrace]; //store original ftrace syscall
syscall_table[__NR_ftrace] = hook_ftrace; //hook a user defined syscall
make_ro(syscall_table); //eliminate page write permission
return 0;
}
static void __exit hooking_exit(void)
{
make_rw(syscall_table); //get page write permission
syscall_table[__NR_ftrace] = orig_ftrace; //restore pre-defined syscall
make_ro(syscall_table); //eliminate page write permission
}
module_init(hooking_init); //insert module
module_exit(hooking_exit); //exit module
#include "./ftracehooking.h"
#define __NR_ftrace 336
#define __NR_read 0
#define __NR_write 1
#define __NR_open 2
#define __NR_close 3
#define __NR_lseek 8
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Jiyong Park");
MODULE_DESCRIPTION("io trace hook");
MODULE_VERSION("0.1");
void **syscall_table; //pointer to syscall table
/*
external trace variables
*/
extern int read_count;
extern int read_bytes;
extern int write_count;
extern int write_bytes;
extern int open_count;
extern char open_file[NAME_MAX];
extern int close_count;
extern int lseek_count;
/*
pointers to original syscall
*/
static asmlinkage long (*orig_read)(const struct pt_regs *);
static asmlinkage long (*orig_write)(const struct pt_regs *);
static asmlinkage long (*orig_open)(const struct pt_regs *);
static asmlinkage long (*orig_close)(const struct pt_regs *);
static asmlinkage long (*orig_lseek)(const struct pt_regs *);
static asmlinkage long ftrace_read(const struct pt_regs *reg) //read syscall hook
{
read_bytes += reg->dx; //get third argument of the pt_regs structure
++read_count; //increase read count
return orig_read(reg); //call original read syscall and return its return value
}
static asmlinkage long ftrace_write(const struct pt_regs *reg) //write syscall hook
{
write_bytes += reg->dx; //get third argument of the pt_regs structure
++write_count; //increase write count
return orig_write(reg); //call original write syscall and return its return value
}
static asmlinkage long ftrace_open(const struct pt_regs *reg) //open syscall hook
{
char __user *pathname = (char *)reg->di; //get third argument from pt_regs
strncpy_from_user(open_file, pathname, NAME_MAX); //string copy null byte aware
++open_count; //increase open count
return orig_open(reg); //call original open syscall and return its return value
}
static asmlinkage long ftrace_close(const struct pt_regs *reg) //close syscall hook
{
++close_count; //increase close count
return orig_close(reg); //call original close syscall and return its return value
}
static asmlinkage long ftrace_lseek(const struct pt_regs *reg) //lseek syscall hook
{
++lseek_count; //increase lseek count
return orig_lseek(reg); //call original lseek syscall and return its return value
}
/*
get read and write permission at address
*/
/*
void make_rw(void *addr)
{
unsigned int level;
pte_t *pte = lookup_address((u64)addr, &level); //get page table entry of address
if(pte->pte &~ _PAGE_RW) //if there is no write permission on the address
pte->pte |= _PAGE_RW; //turn on read write permission
}
*/
/*
retrieve read only permission at address
*/
/*
void make_ro(void *addr)
{
unsigned int level;
pte_t *pte = lookup_address((u64)addr, &level); //get page table entry of address
pte->pte = pte->pte &~ _PAGE_RW; //eliminate write permission
}
*/
static int __init hooking_init(void)
{
syscall_table = (void **)kallsyms_lookup_name("sys_call_table"); //get syscall table entry
//make_rw(syscall_table);
write_cr0(read_cr0() & (~0x10000)); //get page write permission
/*
store original syscalls
*/
orig_read = syscall_table[__NR_read];
orig_write = syscall_table[__NR_write];
orig_open = syscall_table[__NR_open];
orig_close = syscall_table[__NR_close];
orig_lseek = syscall_table[__NR_lseek];
/*
hook a user defined syscall
*/
syscall_table[__NR_read] = ftrace_read;
syscall_table[__NR_write] = ftrace_write;
syscall_table[__NR_open] = ftrace_open;
syscall_table[__NR_close] = ftrace_close;
syscall_table[__NR_lseek] = ftrace_lseek;
write_cr0(read_cr0() | 0x10000);
return 0;
}
static void __exit hooking_exit(void)
{
/*
restore pre-defined syscall
*/
write_cr0(read_cr0() & (~0x10000));
syscall_table[__NR_read] = orig_read;
syscall_table[__NR_write] = orig_write;
syscall_table[__NR_open] = orig_open;
syscall_table[__NR_close] = orig_close;
syscall_table[__NR_lseek] = orig_lseek;
write_cr0(read_cr0() | 0x10000);
//make_ro(syscall_table); //eliminate page write permission
}
module_init(hooking_init); //insert module
module_exit(hooking_exit); //exit module
can you guys give me an idea of how to solve this problem?
Related
I'm new to MATLAB and I get the following crash information when running GISTIC2 based on MCR. No problem running that algorithm in other machine we are using.
------------------------------------------------------------------------
Segmentation violation detected at Thu Jul 8 23:01:05 2021
------------------------------------------------------------------------
Configuration:
Crash Decoding : Disabled
Current Visual : 0x21 (class 4, depth 24)
Default Encoding : UTF-8
GNU C Library : 2.31 stable
MATLAB Architecture: glnxa64
MATLAB Root : /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83
MATLAB Version : 8.3.0.532 (R2014a)
Operating System : Linux 5.8.0-59-generic #66~20.04.1-Ubuntu SMP Thu Jun 17 11:14:10 UTC 2021 x86_64
Processor ID : x86 Family 143 Model 96 Stepping 1, AuthenticAMD
Virtual Machine : Java 1.7.0_11-b21 with Oracle Corporation Java HotSpot(TM) 64-Bit Server VM mixed mode
Window System : The X.Org Foundation (12009000), display :0
Fault Count: 1
Abnormal termination:
Segmentation violation
Register State (from fault):
RAX = 0000000000000000 RBX = 00007f7790b2c190
RCX = 0000000000000000 RDX = 0000000000000000
RSP = 00007f77f2becde8 RBP = 00007f77ec0376c0
RSI = 000000003e07c725 RDI = 0000000000000000
R8 = 0000000000000007 R9 = 00312d3634363031
R10 = 00007f77f2becc70 R11 = 0000000000000000
R12 = 0000000000000000 R13 = 00007f77f2bed180
R14 = 0000000000000000 R15 = 0000000000000000
RIP = 00007f7807063675 EFL = 0000000000010283
CS = 0033 FS = 0000 GS = 0000
Stack Trace (from fault):
[ 0] 0x00007f7807063675 /lib/x86_64-linux-gnu/libc.so.6+01619573
[ 1] 0x00007f77f588ec18 /lib/x86_64-linux-gnu/libX11.so.6+00134168 XLoadQueryFont+00000056
[ 2] 0x00007f77f870adf0 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwuix.so+00261616
[ 3] 0x00007f77f870baae /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwuix.so+00264878
[ 4] 0x00007f77f870bd29 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwuix.so+00265513
[ 5] 0x00007f77f8e5d143 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwgui.so+00663875 _Z21wm_SetUnadjWindowFontP10WinRec_tagP6mxFont+00000083
[ 6] 0x00007f77f8e5d74b /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwgui.so+00665419 _Z22wm_GetDeviceFontExtentP10WinRec_tagP6mxFontPKcdP6mwrect+00000315
[ 7] 0x00007f77f8e78fff /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwgui.so+00778239 uiGetDeviceFont+00000815
[ 8] 0x00007f77f8e79171 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwgui.so+00778609 _Z15uiSetWindowFontP10WinRec_tagP6mxFont+00000017
[ 9] 0x00007f77f8e5d013 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwgui.so+00663571 _Z16wm_SetWindowFontP10WinRec_tagP6mxFont+00000083
[ 10] 0x00007f77a5d81195 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05001621
[ 11] 0x00007f77f8e9489d /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwgui.so+00891037 _ZN11gui_objects10tickpicker12nicefyLimitsERNS0_14AxisDescriptorENS0_8AxisTypeE+00000173
[ 12] 0x00007f77f8e94cc3 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwgui.so+00892099 _ZN11gui_objects10tickpicker12nicefyLimitsERNS0_14AxisDescriptorE+00000019
[ 13] 0x00007f77a5d816d9 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05002969
[ 14] 0x00007f77a5ce57df /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+04364255
[ 15] 0x00007f77a5cd0b1f /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+04279071
[ 16] 0x00007f77a5dd4740 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05343040
[ 17] 0x00007f77a5dd427c /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05341820
[ 18] 0x00007f77a5dc72b0 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05288624
[ 19] 0x00007f77f746bded /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwudd.so+00634349
[ 20] 0x00007f77f7465153 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwudd.so+00606547 _ZN11UDInterface15notifyPropEventEP16UDDatabaseClientPK10UDPropInfoPK11UDEventInfoP7UDEvent+00000115
[ 21] 0x00007f77f7468671 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwudd.so+00620145 _ZN11UDInterface4setEEP16UDDatabaseClientP10UDPropInfoPvP13UDErrorStatus+00000593
[ 22] 0x00007f77a5dd15b6 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05330358
[ 23] 0x00007f77a5dcbadd /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05307101
[ 24] 0x00007f77a5dca0d0 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05300432
[ 25] 0x00007f77a5db06f5 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05195509
[ 26] 0x00007f77a5dbdfd0 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05251024
[ 27] 0x00007f77a5db7408 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05223432
[ 28] 0x00007f77a5dbe432 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05252146
[ 29] 0x00007f77a5dc3113 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhg.so+05271827 hgSet+00001107
[ 30] 0x00007f77a6c80742 /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwhgbuiltins.so+00345922
...
[125] 0x00007f77fba703bf /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwmcr.so+00365503
[126] 0x00007f77fba6b28f /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/bin/glnxa64/libmwmcr.so+00344719
[127] 0x00007f78070d3609 /lib/x86_64-linux-gnu/libpthread.so.0+00038409
If this problem is reproducible, please submit a Service Request via:
http://www.mathworks.com/support/contact_us/
A technical support engineer might contact you with further information.
Thank you for your help.** This crash report has been saved to disk as /home/lcj/matlab_crash_dump.29508-1 **
Segmentation fault (core dumped)
After renaming the libstdc++.so.6 library to libstdc++.so.6.old in ~/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83/sys/os/glnxa64, I got the following crash information.
------------------------------------------------------------------------
Segmentation violation detected at Sat Jul 10 23:22:39 2021
------------------------------------------------------------------------
Configuration:
Crash Decoding : Disabled
Current Visual : 0x21 (class 4, depth 24)
Default Encoding : UTF-8
GNU C Library : 2.31 stable
MATLAB Architecture: glnxa64
MATLAB Root : /home/lcj/Biosoft/GISTIC2/MATLAB_Compiler_Runtime/v83
MATLAB Version : 8.3.0.532 (R2014a)
Operating System : Linux 5.8.0-59-generic #66~20.04.1-Ubuntu SMP Thu Jun 17 11:14:10 UTC 2021 x86_64
Processor ID : x86 Family 143 Model 96 Stepping 1, AuthenticAMD
Virtual Machine : Java 1.7.0_11-b21 with Oracle Corporation Java HotSpot(TM) 64-Bit Server VM mixed mode
Window System : The X.Org Foundation (12009000), display :0
Fault Count: 1
Abnormal termination:
Segmentation violation
Register State (from fault):
RAX = 0000000000000000 RBX = 00007f26c0b99880
RCX = 0000000000000000 RDX = 0000000000000000
RSP = 00007f2720dcede8 RBP = 00007f271c0376c0
RSI = 000000003e07c725 RDI = 0000000000000000
R8 = 0000000000000007 R9 = 00312d3634363031
R10 = 00007f2720dcec70 R11 = 0000000000000000
R12 = 0000000000000000 R13 = 00007f2720dcf180
R14 = 0000000000000000 R15 = 0000000000000000
RIP = 00007f2735246675 EFL = 0000000000010283
CS = 0033 FS = 0000 GS = 0000
Stack Trace (from fault):
Caught "std::exception" Exception message is:
FatalException
Error:FatalException
Any clues to solve this errors?
Logic which is working in Abinitio platform.
Lets take sample value as “123456789”, for which we need to generate SHA256 and convert into unsigned integer(7). Expected result - 40876285344408085
m_eval 'hash_SHA256("123456789")'
[void 0x15 0xe2 0xb0 0xd3 0xc3 0x38 0x91 0xeb 0xb0 0xf1 0xef 0x60 0x9e 0xc4 0x19 0x42 0x0c 0x20 0xe3 0x20 0xce 0x94 0xc6 0x5f 0xbc 0x8c 0x33 0x12 0x44 0x8e 0xb2 0x25]
m_eval 'string_to_hex(hash_SHA256("123456789"))'
"15E2B0D3C33891EBB0F1EF609EC419420C20E320CE94C65FBC8C3312448EB225"
m_eval '(unsigned integer(7)) reinterpret(hash_SHA256("123456789"))'
40876285344408085
Scala Approach
println("Input Value : "+shaVal)
val shaCode="SHA-256"
val utf="UTF-8"
val digest = MessageDigest.getInstance(shaCode)
println("digest SHA-256 : "+digest)
val InpStr = StringUtils.stripStart(shaVal,"0")
println("InpStr : "+InpStr)
val hashUTF = digest.digest(InpStr.getBytes(utf))
println("hashUTF(UTF-8) : "+hashUTF.mkString(" "))
val hashBigInt= new BigInteger(1, digest.digest(InpStr.getBytes("UTF-8")))
println("hashBigInt : "+hashBigInt)
val HashKeyRes = String.format("%032x", hashBigInt)
println("HashKeyRes : "+HashKeyRes)
Console Output
hashUTF(UTF-16) : 21 -30 -80 -45 -61 56 -111 -21 -80 -15 -17 96 -98 -60 25 66 12 32 -29 32 -50 -108 -58 95 -68 -116 51 18 68 -114 -78 37
hashBigInt : 9899097673353459346982371669967256498000649460813128595014811958380719944229
HashKeyRes : 15e2b0d3c33891ebb0f1ef609ec419420c20e320ce94c65fbc8c3312448eb225
fromBase : 16
toBase : 10
So the hash key generated matches with the value, which is HEX format (Base16). But the expected output should be in(Base10) Unsigned Integer (7) as 40876285344408085
I'm writing a UDP socket in nasm and I'm using the recvfrom system call to receive a UDP packet from a client.
I can successfully get the message sent, but I would like to send back to the client an answer.
The problem is that I can't extract the source IP address of the packet, so I can't use the sendto system call.
This is the code of the UDP server:
%include "../StandardLibrary/standardlib.inc"
%include "./network.inc"
PORT_NUMBER equ 4096
%macro printError 3
print %1
printLineInt %2, %3
%endmacro
%macro clearBuffer 1
getLength %1
mov r12, 0
%%loop:
mov [%1 + r12], byte 0
inc r12
cmp r11, r12
jne %%loop
%endmacro
section .data
sock_addr:
istruc sockaddr_in
at sockaddr_in.sin_family, dw AF_INET
at sockaddr_in.sin_port, dw htons(PORT_NUMBER)
at sockaddr_in.in_addr, db 00h, 00h, 00h, 00h
at sockaddr_in.sin_zero, db 0, 0, 0, 0, 0, 0, 0, 0
iend
client_sockaddr:
istruc sockaddr
at sockaddr.sa_family, dw AF_INET
at sockaddr.sa_data, db 0, 0, 0, 0, 0, 0, 0, 0, 0 , 0, 0, 0, 0, 0
iend
;Messaggi di successo
so_creation_success db "Socket creato con successo", 0
so_binding_success db "Binding del socket eseguito con successo", 0
so_started_capturing db "Socket in ascolto di messaggi...", 0
;Messaggi di errore
so_creation_error db "Errore nella creazione del socket: ", 0
so_binding_error db "Errore nel binding del socket: ", 0
so_capture_error db "Errore nella ricezione del messaggio: ", 0
so_sending_error db "Errore nell'invio del messaggio: ", 0
section .bss
buffer resb 100
socket_fd resw 1
error_code resq 1
tmp resb 10
section .text
global _start
_start:
;1) Creazione del socket
mov rax, SYS_SOCKET
mov rdi, AF_INET
mov rsi, SOCK_DGRAM
mov rdx, 0
syscall
cmp rax, -1
jle _socket_error
;Carica nello stack il file descriptor
mov [socket_fd], rax
printLine so_creation_success
;2) Binding del socket
mov rax, SYS_BIND
mov rdi, [socket_fd]
mov rsi, sock_addr
mov rdx, sockaddr_in_size
syscall
cmp rax, -1
jle _binding_error
printLine so_binding_success
;3) Ricezione dei messaggi
_listen:
mov rax, SYS_RECVFROM
mov rdi, [socket_fd]
mov rsi, buffer
mov rdx, 20
mov r10, 0
mov r8, client_sockaddr
mov r9, 16
syscall
cmp rax, -1 ;Controlla che non ci siano stati errori
jle _capture_error
cmp rax, 1 ;Controlla che non sia stato ricevuto un pcchetto vuoto
jle _exit ;è definito vuoto anche un pacchetto con un solo carattere
;Messaggio ricevuto con successo
print buffer
clearBuffer buffer ;Svuota il buffer
jmp _listen
;Il programma è terminato con successo
_exit:
exit
;Errore nella creazione del socket
_socket_error:
neg rax
mov [error_code], rax
printError so_creation_error, [error_code], tmp
exit [error_code]
;Errore durante il binding del socket
_binding_error:
neg rax
mov [error_code], rax
printError so_binding_error, [error_code], tmp
exit [error_code]
;Errore durante la ricezione del messaggio
_capture_error:
neg rax
mov [error_code], rax
printError so_capture_error, [error_code], tmp
exit [error_code]
And on network.inc I have:
SYS_SOCKET equ 41 ;Id system call per la creazione del socket
SYS_SENDTO equ 44 ;Id system call per l'invio di datagram UDP
SYS_RECVFROM equ 45 ;Id system call per la ricezione di datagram UDP
SYS_BIND equ 49 ;Id system call per legare un socket ad un indirizzo IP (o ad una famiglia)
AF_INET equ 2 ;Rete IPv4
SOCK_DGRAM equ 2 ;Id del protocollo UDP
INADDR_ANY equ 0 ;Indica che il socket accetta comunicazioni da qualsiasi indirizzo IP
;Traduce x in un valore di tipo network byte order
%define htons(x) ((x >> 8) & 0xFF) | ((x & 0xFF) << 8)
;Rappresenta un indirizzo IPv4
struc in_addr
.s_addr: resb 4 ;Valore dei 4 ottetti
endstruc
;Rappresenta la struttura di un socket
struc sockaddr_in
.sin_family: resw 1 ;Id del tipo di indirizzo
.sin_port: resw 1 ;Numero di porta
.in_addr: resb 4 ;Indirizzo IP
.sin_zero: resb 8 ;Byte di rimepimento
endstruc
struc sockaddr
.sa_family resw 1
.sa_data resb 14
endstruc
As UDP client I'm using the netcat command: netcat -u 127.0.0.1 4096
You can pass a pointer to your sockaddr structure in SYS_RECVFROM according to the documentation here:
mov r8, 0
mov r9, 0
And then use filled structure with sendto syscall.
UPD
sockaddr has following shape in C:
struct sockaddr {
unsigned short int sa_family;
char sa_data[14];
};
I think, it looks something like this in NASM:
struc sockaddr
.sa_family resw 1
.sa_data db 14
endstruc
client_sock_addr:
istruc sockaddr
at sockaddr.sa_family, dw AF_INET
at sockaddr.sa_data, db 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
iend
UPD #2
I've noticed that you're allocating 2 bytes for the socket. Actually, sockets must be int:
socket_fd resd 1
Next thing: you have to pass to r9 reference rather than value
section .data
; ...
client_sockaddr_len dd 16
; ...
; ...
mov rax, SYS_RECVFROM
mov rdi, [socket_fd]
mov rsi, buffer
mov rdx, 20
mov r10, 0
mov r8, client_sockaddr
mov r9, client_sockaddr_len
syscall
And finally you can sendto
mov rax, SYS_SENDTO
mov rdi, [socket_fd]
mov rsi, buffer
mov rdx, 50
mov r10, 0
mov r8, client_sockaddr
mov r9, [client_sockaddr_len]
syscall
I wrote a kernel to print hello world. but it's not working,
hello world is not printed.
assembly print is working well.
I using GCC and NASM for cross compile and assemble.
This is the my bootloader, second stage code and C code.
[ORG 0x00]
[BITS 16]
section .text
JMP 0x07C0:START ;
START:
mov ax, cs
mov ds, ax
mov es, ax
mov ax, 0x0000
mov ss, ax
mov ax, 0xffff
mov sp, ax
mov bp, ax
mov si, 0xB800
mov es, si
mov bx, 0x0000
mov cx, 80*25*2
CLEAR: ;Clear screen
mov byte[es:bx], 0x00
inc bx
loop CLEAR
READ: ;Read disk
mov si, 0x1000
mov es, si
mov bx, 0x0000 ; ES:BX, 0x1000:0000
mov ah, 0x02
mov al, 2
mov ch, 0
mov cl, 2
mov dh, 0
mov dl, 0
int 0x13
jnc A20_ENABLE ; No Error -> jump to A20_ENABLE
READERROR: ;If failed to read disk,
jmp $
A20_ENABLE: ;Enable A20 GATE with BIOS
mov ax, 0x2401
int 0x15
jnc ENTRY
A20_FAIL: ;If BIOS Interrupt is not working, use Control Port.
mov al, 2 ;
out 0x92, al
ENTRY: ;Entry Point
cli
lgdt [GDTR]
mov eax, cr0
or eax, 1
mov cr0, eax
jmp $+2 ; for pipeline
nop
nop
jmp dword 0x08:0x10000 ; jump to second stage
GDTR: ; GDT
dw GDTEND - GDT - 1
dd GDT+0x7C00
GDT:
NULL:
dw 0x00 ;프로세서 예약구간
dw 0x00
db 0x00
db 0x00
db 0x00
db 0x00
CODE:
dw 0xFFFF ;LIMIT ADRESS
dw 0x0000 ;BASE ADRESS
db 0x00 ;BASE ADRESS
db 0x9A ;1001 1010 A code segment descriptor (for your kernel, it should have type=0x9A)
db 0xCF ;1100 1111
db 0x00
DATA:
dw 0xFFFF
dw 0x0000
db 0x01
db 0x92 ;1001 0010 A data segment descriptor (you cant write to a code segment, so add this with type=0x92)
db 0xCF ;1100 1111
db 0x00
VIDEO:
dw 0xFFFF
dw 0x8000
db 0x0B
db 0x92
db 0x40
db 0x00
GDTEND:
times 510 - ($-$$) db 0x00
db 0x55
db 0xAA
Second stage.
[ORG 0x10000]
[BITS 32]
PROTECTED:
mov ax, 0x10
mov gs, ax
mov ss, ax
mov ds, ax
mov es, ax
mov fs, ax
xor esp, esp ; make stack
mov esp, 0xFFFE
mov ebp, 0xFFFE
mov si, 0x18 ; setting for print message
mov es, si
mov bx, 0
lea si, [message]
mov ah, 0x0f
MESSAGE: ; print loop
lodsb
cmp al, 0
je LOADKERNEL
mov [es:bx], ax
add bx, 2
jmp MESSAGE
LOADKERNEL:
jmp dword 0x08:0x10200 ; jump to C kernel
message: db 'Protected Mode Entered.', 0
times 512 - ($ - $$) db 0x00
and C code also.
void write_string();
void main(){
write_string(0x09, "helloworld");
}
void write_string( int colour, const char *string )
{
volatile char *video = (volatile char*)0xB8000;
while( *string != 0 )
{
*video++ = *string++;
*video++ = colour;
}
}
I converted C code to assembly with ld, gcc and objcopy.
gcc -c -m32 -ffreestanding kernel.c -o kernel.o
ld -melf_i386 -Ttext 0x10200 -nostdlib kernel.o -o kernel.tmp
objcopy -O binary kernel.tmp kernel.img
cat bootloader.img secondstage.img kernel.img > Disk
like this.
I really can't understand why it's not working.
If you need more information, plz leave a comment.
I'm using binutils-2.21.53.0.1-6.fc16.x86_64.
I have a small object file, hello.o with just enough "stuff" to have contents in all sections:
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .text PROGBITS 0000000000000000 00000040
000000000000005d 0000000000000000 AX 0 0 4
[ 2] .rela.text RELA 0000000000000000 00000808
0000000000000060 0000000000000018 15 1 8
[ 3] .data PROGBITS 0000000000000000 000000a0
0000000000000000 0000000000000000 WA 0 0 4
[ 4] .bss NOBITS 0000000000000000 000000a0
0000000000000053 0000000000000000 WA 0 0 32
[ 5] .rodata PROGBITS 0000000000000000 000000a0
000000000000000f 0000000000000000 A 0 0 1
[ 6] .data.rel.local PROGBITS 0000000000000000 000000b0
0000000000000008 0000000000000000 WA 0 0 8
[ 7] .rela.data.rel.lo RELA 0000000000000000 00000868
0000000000000018 0000000000000018 15 6 8
[ 8] .data.rel PROGBITS 0000000000000000 000000b8
0000000000000008 0000000000000000 WA 0 0 8
[ 9] .rela.data.rel RELA 0000000000000000 00000880
0000000000000018 0000000000000018 15 8 8
[10] .comment PROGBITS 0000000000000000 000000c0
000000000000002d 0000000000000001 MS 0 0 1
[11] .note.GNU-stack PROGBITS 0000000000000000 000000ed
0000000000000000 0000000000000000 0 0 1
[12] .eh_frame PROGBITS 0000000000000000 000000f0
0000000000000058 0000000000000000 A 0 0 8
[13] .rela.eh_frame RELA 0000000000000000 00000898
0000000000000030 0000000000000018 15 12 8
[14] .shstrtab STRTAB 0000000000000000 00000148
0000000000000085 0000000000000000 0 0 1
[15] .symtab SYMTAB 0000000000000000 00000610
00000000000001b0 0000000000000018 16 11 8
[16] .strtab STRTAB 0000000000000000 000007c0
0000000000000045 0000000000000000 0 0 1
If I use -pie and no linker script, the results are as expected:
$ ld -pie -Map hello_pie.map -o hello_pie.elf hello.o
$ ll hello_pie.elf
-rwxrwx---. 1 jreinhart jreinhart 3453 Mar 13 23:44 hello_pie.elf
However, if I include any sort of linker script, the output size explodes:
$ cat 1.ld
SECTIONS
{
}
$ ld -T 1.ld -pie -Map hello_pie.map -o hello_pie.elf hello.o
$ ll hello_pie.elf
-rwxrwx---. 1 jreinhart jreinhart 2100070 Mar 13 23:45 hello_pie.elf
As you can see, this file became huge.
Note that this appears to happen because the .text section insists on starting at offset 0x200000 in the file:
$ readelf -l -S hello_pie.elf
There are 19 section headers, starting at offset 0x200400:
Section Headers:
[Nr] Name Type Address Offset
Size EntSize Flags Link Info Align
[ 0] NULL 0000000000000000 00000000
0000000000000000 0000000000000000 0 0 0
[ 1] .text PROGBITS 0000000000000000 00200000 <--- Why?
000000000000005d 0000000000000000 AX 0 0 4
[ 2] .rodata PROGBITS 000000000000005d 0020005d
000000000000000f 0000000000000000 A 0 0 1
[ 3] .eh_frame PROGBITS 0000000000000070 00200070
0000000000000058 0000000000000000 A 0 0 8
[ 4] .interp PROGBITS 00000000000000c8 002000c8
000000000000000f 0000000000000000 A 0 0 1
[ 5] .dynsym DYNSYM 00000000000000d8 002000d8
0000000000000078 0000000000000018 A 6 2 8
[ 6] .dynstr STRTAB 0000000000000150 00200150
0000000000000014 0000000000000000 A 0 0 1
[ 7] .hash HASH 0000000000000168 00200168
0000000000000028 0000000000000004 A 5 0 8
[ 8] .rela.dyn RELA 0000000000000190 00200190
0000000000000078 0000000000000018 A 5 0 8
[ 9] .data.rel.local PROGBITS 0000000000000208 00200208
0000000000000008 0000000000000000 WA 0 0 8
[10] .data.rel PROGBITS 0000000000000210 00200210
0000000000000008 0000000000000000 WA 0 0 8
[11] .dynamic DYNAMIC 0000000000000218 00200218
00000000000000f0 0000000000000010 WA 6 0 8
[12] .got PROGBITS 0000000000000308 00200308
0000000000000018 0000000000000008 WA 0 0 8
[13] .got.plt PROGBITS 0000000000000320 00200320
0000000000000018 0000000000000008 WA 0 0 8
[14] .bss NOBITS 0000000000000340 00200338
0000000000000053 0000000000000000 WA 0 0 32
[15] .comment PROGBITS 0000000000000000 00200338
000000000000002c 0000000000000001 MS 0 0 1
[16] .shstrtab STRTAB 0000000000000000 00200364
000000000000009a 0000000000000000 0 0 1
[17] .symtab SYMTAB 0000000000000000 002008c0
0000000000000258 0000000000000018 18 19 8
[18] .strtab STRTAB 0000000000000000 00200b18
000000000000004e 0000000000000000 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings), l (large)
I (info), L (link order), G (group), T (TLS), E (exclude), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
Elf file type is DYN (Shared object file)
Entry point 0x0
There are 5 program headers, starting at offset 64
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
PHDR 0x0000000000000040 0x0000000000200040 0x0000000000000000
0x0000000000000118 0x0000000000000118 R E 8
INTERP 0x00000000002000c8 0x00000000000000c8 0x00000000000000c8
0x000000000000000f 0x000000000000000f R 1
[Requesting program interpreter: /lib/ld64.so.1]
LOAD --> 0x0000000000200000 0x0000000000000000 0x0000000000000000
0x0000000000000338 0x0000000000000393 RWE 200000
DYNAMIC 0x0000000000200218 0x0000000000000218 0x0000000000000218
0x00000000000000f0 0x00000000000000f0 RW 8
GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000000000 0x0000000000000000 RW 8
This has been happening regardless of the contents of my linker script. Any ideas what's going on?
I ran into this same problem today when learning about linker scripts. SIZEOF_HEADERS was the magic bullet to solve it. Here is my simple source file to build the object I'm linking:
.section .text
.global _start
_start:
mov $1, %eax
mov $8, %ebx
int $0x80
With the following linker script, I get a 2+ MB executable:
SECTIONS
{
. = 0x400000;
.text : { *(.text) }
}
If I add +SIZEOF_HEADERS, as shown below, I get a 568-byte executable:
SECTIONS
{
. = 0x400000 + SIZEOF_HEADERS;
.text : { *(.text) }
}
Per the LD documentation, this function returns the size of the output file's headers. Manually setting the offset to include the header size also yields a 568-byte executable:
SECTIONS
{
. = 0x400078;
.text : { *(.text) }
}
If I move .text even further down, the executable starts to expand. The following yields a 65984-byte executable:
SECTIONS
{
. = 0x410000;
.text : { *(.text) }
}
So basically, from what I can tell, it appears that:
The first output section appears to share a memory page with the output file headers. If the first section overlaps with the headers, LD emits a full page of pad bytes before outputting the first section to avoid a conflict
To fix this, set the output address for the first output section to X + SIZEOF_HEADERS. This is what the built-in linker script for LD does (you can take a look by running "ld --verbose")
Try the following command line option with ld (or gcc):
-z max-page-size=0x1000
By default ld page-aligns input sections. Since your kernel enforces superpages (pages of 2MB = 0x200000 bytes) your .text section gets aligned at offset 0x200000. It seems like a bug in ld as it should use offset 0x0000000 instead (see EDIT below for a possible explanation)
To prevent this alignment which creates a bigger file, you can use the --nmagic flag to ld to prevent it from page-aligning your .text section although it has side effects (it also disables linking against shared libraries). Be careful though to align other sections (.data, .rodata,...) to 2M pages because they can't live in the same page as .text since all these sections require different access bits.
EDIT: thinking about it, we all expect accesses to virtual address 0x00000000 to generate an exception (segfault). To do so, I see two possibilities: either the kernel maps a page with no access rights (r/w/x) or (more likely) it simply doesn't map anything (no page mapped => segfault) and the linker must know that somehow... that could explain why ld skips the first page which is at address zero. This is TBC.