- linker and loader
- gcc helloworld.c -o helloworld -g
- g gives debugging
- default in ubuntu doesn't have current directory in path
- good for security reasons
Shell is just user space binary (shell searches for executable, for instance, not kernel)
ps -el |grep hello
tell if ptrac attached to process
ptrace doesn't affect process at all
xless -S /proc/4DIGPROCESSNUM
shows virtual space of helloworld binary
last 3 nibbles are 0s. why? ...page if 4 kB = 2 ^12....
maps to one page
readable and executable will be in .tech section
gdb ./helloworld
disas main
in gdb: disas main
in gdb: x/10c addressgoeshere(for the movl one)
10 characters
x/3i addresshere
3 instructinons
break *ADDRESSHERE
global vars in .data
heap & stack, trying to view gdb (perhaps has heap)
if try acces memory between /usr/bin/gdb and heap (nothing there), page fault.
ask for memory with malloc. if not enough space and has to grow the heap, will execute sbrk system call
if ask heap to grow, will kernel give us new page table mappings?
probably not. linux = lazily as possible. wait until necessary to do something
if request when virtual memory only (not mapped to physical), traps to kernel, which looks at which process was running when occurred.
99.9% page faults NOT 6segv
how userspace ...maps memory
stack grows down.
ubuntu randomizes where things go
man strace
linker loader in user space
in gdb: catch syscall
will break for any system call
i r (shows registers)
eax register holds value - number assiciated with writesys (write system call)
gdb parent hw
screen parent gdb
bash parent screen
system calls have return values stored in eax register
sudo netstat | less
...
NEXT:
process scheduling
plt, global offset table
