(在线更新GLIBC必备)
如果要指定多个预载入的*.so,那么需要在LD_PRELOAD后用分号隔开多个so(LD_PRELOAD=./ld-linux.so.2:./libc-2.7.so) (20090624补齐)
# LD_DEBUG=libs LD_PRELOAD=./ld-linux.so.2 LD_LIBRARY_PATH=/usr/src/test/ /bin/mv
29878: find library=libacl.so.1 [0]; searching
29878: search path=/usr/src/test/tls/i686/sse2:/usr/src/test/tls/i686:/usr/src/test/tls/sse2:/usr/src/test/tls:/usr/src/test/i686/sse2:/usr/src/test/i686:/usr/src/test/sse2:/usr/src/test (LD_LIBRARY_PATH)
29878: trying file=/usr/src/test/tls/i686/sse2/libacl.so.1
29878: trying file=/usr/src/test/tls/i686/libacl.so.1
29878: trying file=/usr/src/test/tls/sse2/libacl.so.1
29878: trying file=/usr/src/test/tls/libacl.so.1
29878: trying file=/usr/src/test/i686/sse2/libacl.so.1
29878: trying file=/usr/src/test/i686/libacl.so.1
29878: trying file=/usr/src/test/sse2/libacl.so.1
29878: trying file=/usr/src/test/libacl.so.1
29878:
29878: find library=libc.so.6 [0]; searching
29878: search path=/usr/src/test (LD_LIBRARY_PATH)
29878: trying file=/usr/src/test/libc.so.6
29878:
29878: find library=libattr.so.1 [0]; searching
29878: search path=/usr/src/test (LD_LIBRARY_PATH)
29878: trying file=/usr/src/test/libattr.so.1
29878:
29878:
29878: calling init: /usr/src/test/libc.so.6
29878:
29878:
29878: calling init: /usr/src/test/libattr.so.1
29878:
29878:
29878: calling init: /usr/src/test/libacl.so.1
29878:
Segmentation fault (core dumped)
#gdb /bin/mv core
GNU gdb 6.7.1
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib/tls/libthread_db.so.1".
warning: Can't read pathname for load map: Input/output error.
Reading symbols from /usr/src/test/ld-linux.so.2...(no debugging symbols found)...done.
Loaded symbols for ./ld-linux.so.2
Reading symbols from /usr/src/test/libacl.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/src/test/libacl.so.1
Reading symbols from /usr/src/test/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /usr/src/test/libc.so.6
Reading symbols from /usr/src/test/libattr.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/src/test/libattr.so.1
Reading symbols from /lib/ld-linux.so.2...
(no debugging symbols found)...done.
Loaded symbols for /lib/ld-linux.so.2
(no debugging symbols found)
Core was generated by `/bin/mv'.
Program terminated with signal 11, Segmentation fault.
#0 0xb7eed3df in memset () from ./ld-linux.so.2
(gdb) bt
#0 0xb7eed3df in memset () from ./ld-linux.so.2
#1 0xb7eeb6af in free () from ./ld-linux.so.2
#2 0xb7da3014 in setlocale () from /usr/src/test/libc.so.6
#3 0x08049fdd in ?? ()
#4 0x00000006 in ?? ()
#5 0x0805958a in ?? ()
#6 0x08048fb6 in ?? ()
#7 0x23000000 in ?? ()
#8 0x4d532031 in ?? ()
#9 0x00000020 in ?? ()
#10 0x00000000 in ?? ()
(gdb) q
#locale
LANG=en_US
LC_CTYPE="en_US"
LC_NUMERIC="en_US"
LC_TIME="en_US"
LC_COLLATE=C
LC_MONETARY="en_US"
LC_MESSAGES="en_US"
LC_PAPER="en_US"
LC_NAME="en_US"
LC_ADDRESS="en_US"
LC_TELEPHONE="en_US"
LC_MEASUREMENT="en_US"
LC_IDENTIFICATION="en_US"
LC_ALL=
#export LANG="C"
#LD_DEBUG=libs LD_PRELOAD=./ld-linux.so.2 LD_LIBRARY_PATH=/usr/src/test/ /bin/mv
29917: find library=libacl.so.1 [0]; searching
29917: search path=/usr/src/test/tls/i686/sse2:/usr/src/test/tls/i686:/usr/src/test/tls/sse2:/usr/src/test/tls:/usr/src/test/i686/sse2:/usr/src/test/i686:/usr/src/test/sse2:/usr/src/test (LD_LIBRARY_PATH)
29917: trying file=/usr/src/test/tls/i686/sse2/libacl.so.1
29917: trying file=/usr/src/test/tls/i686/libacl.so.1
29917: trying file=/usr/src/test/tls/sse2/libacl.so.1
29917: trying file=/usr/src/test/tls/libacl.so.1
29917: trying file=/usr/src/test/i686/sse2/libacl.so.1
29917: trying file=/usr/src/test/i686/libacl.so.1
29917: trying file=/usr/src/test/sse2/libacl.so.1
29917: trying file=/usr/src/test/libacl.so.1
29917:
29917: find library=libc.so.6 [0]; searching
29917: search path=/usr/src/test (LD_LIBRARY_PATH)
29917: trying file=/usr/src/test/libc.so.6
29917:
29917: find library=libattr.so.1 [0]; searching
29917: search path=/usr/src/test (LD_LIBRARY_PATH)
29917: trying file=/usr/src/test/libattr.so.1
29917:
29917:
29917: calling init: /usr/src/test/libc.so.6
29917:
29917:
29917: calling init: /usr/src/test/libattr.so.1
29917:
29917:
29917: calling init: /usr/src/test/libacl.so.1
29917:
/bin/mv: missing file operand
Try `/bin/mv --help' for more information.
#LD_DEBUG=all LD_PRELOAD=./ld-linux.so.2 LD_LIBRARY_PATH=/usr/src/test/ slapt-get --install which
strace -E LD_PRELOAD=/usr/src/test/ld-linux.so.2 -E LD_LIBRARY_PATH=/usr/src/test/ locale
execve("/usr/bin/locale", ["locale"], [/* 31 vars */]) = 0
uname({sys="Linux", node="hostname", ...}) = 0
brk(0) = 0x8051000
open("/usr/src/test/ld-linux.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\10\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=131468, ...}) = 0
mmap2(NULL, 120416, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7f87000
mmap2(0xb7fa3000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b) = 0xb7fa3000
close(3) = 0
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f86000
open("/usr/src/test/tls/i686/sse2/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/src/test/tls/i686/sse2", 0xbf9cd634) = -1 ENOENT (No such file or directory)
open("/usr/src/test/tls/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/src/test/tls/i686", 0xbf9cd634) = -1 ENOENT (No such file or directory)
open("/usr/src/test/tls/sse2/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/src/test/tls/sse2", 0xbf9cd634) = -1 ENOENT (No such file or directory)
open("/usr/src/test/tls/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/src/test/tls", 0xbf9cd634) = -1 ENOENT (No such file or directory)
open("/usr/src/test/i686/sse2/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/src/test/i686/sse2", 0xbf9cd634) = -1 ENOENT (No such file or directory)
open("/usr/src/test/i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/src/test/i686", 0xbf9cd634) = -1 ENOENT (No such file or directory)
open("/usr/src/test/sse2/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/src/test/sse2", 0xbf9cd634) = -1 ENOENT (No such file or directory)
open("/usr/src/test/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360d\1"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1570593, ...}) = 0
mmap2(NULL, 1357360, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7e3a000
mprotect(0xb7f7f000, 26160, PROT_NONE) = 0
mmap2(0xb7f80000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x145) = 0xb7f80000
mmap2(0xb7f83000, 9776, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7f83000
close(3) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e39000
mprotect(0xb7f80000, 8192, PROT_READ) = 0
mprotect(0xb7fa3000, 4096, PROT_READ) = 0
mprotect(0x804e000, 4096, PROT_READ) = 0
set_thread_area({entry_number:-1 -> 6, base_addr:0xb7e396c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
Process 21240 detached
阅读(1158) | 评论(0) | 转发(0) |
