Does gdb temporarily give pages write permission?

Question

I was debugging a seg fault in a Linux app that was caused by a program trying to change a static constant array structure (so the data was in the read-only section of the ELF and subsequently loaded in a page that was then given read-only permission).

While in GDB I put a breakpoint on the line of assembler that did the bad store, and when it stopped there I manually performed the equivalent write action using GDB. GDB did this without any complaints, and reading the value back proved it had indeed been written. I looked in /proc/thepid/maps and that particular page was still marked as "not writeable".

So my question is: does GDB temporarily set write permissions on a read-only page, perform the write, then reset the permissions? Thanks.

Recommended answer

does GDB temporarily set write permissions

No.

On Linux/*86, ptrace() (which is what GDB uses to read and write the inferior (being debugged) process memory) allows reads and writes to pages that are not readable/writable by the inferior, leading exactly to the confusion you've described.

This could be considered a bug in the kernel.

It should be noted that the kernel has to allow ptrace to write to normally non-writable .text section for the debugger to be able to plant breakpoints (which is done by overwriting original instruction with the breakpoint/trap instruction -- int3 via PTRACE_POKETEXT request).

The kernel doesn't have to do the same for POKE_DATA, but man ptrace says:

PTRACE_POKETEXT, PTRACE_POKEDATA
   Copies the word data to location addr in the child's memory.
   As above, the two requests are currently equivalent.

I believe it's that equivalentness that causes the current behavior.
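
The behaviour described in the question and answer above can be reproduced without GDB. The following is an added example, not part of the original post: a parent traces its own forked child, pokes a word into a const array, and checks /proc/<pid>/maps before and after. The names `table`, `perms_of` and `poke_rodata_in_child` are hypothetical, and the program assumes Linux with /proc mounted and ptrace of a child permitted.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed sample: a const object, so the linker places it in .rodata (mapped r--). */
static const long table[2] = {0x1111, 0x2222};

/* Copy the permission field (e.g. "r--p") of the mapping that holds addr in pid. */
static int perms_of(pid_t pid, unsigned long addr, char out[5]) {
    char path[64], line[512]; unsigned long lo, hi; int rc = -1;
    snprintf(path, sizeof path, "/proc/%d/maps", (int)pid);
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    while (rc && fgets(line, sizeof line, f))
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, out) == 3 && addr >= lo && addr < hi) rc = 0;
    fclose(f);
    return rc;
}

/* 1 = poke landed and the page stayed non-writable, 0 = it did not, -1 = ptrace or /proc unavailable. */
int poke_rodata_in_child(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                       /* tracee: request tracing, then stop */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1) _exit(2);
        raise(SIGSTOP);
        _exit(0);
    }
    int status; char before[5] = "", after[5] = "";
    if (waitpid(pid, &status, 0) != pid || !WIFSTOPPED(status)) return -1;
    void *addr = (void *)&table[0];       /* same virtual address in the forked child */
    int have = perms_of(pid, (unsigned long)addr, before) == 0;
    long poked = ptrace(PTRACE_POKEDATA, pid, addr, (void *)0x4242L);
    errno = 0;                            /* PEEKDATA returns the word; errors are in errno */
    long seen = ptrace(PTRACE_PEEKDATA, pid, addr, NULL);
    int peek_ok = (errno == 0);
    have = have && perms_of(pid, (unsigned long)addr, after) == 0;
    kill(pid, SIGKILL); waitpid(pid, NULL, 0);
    if (!have) return -1;
    printf("perms before=%s after=%s peeked=0x%lx\n", before, after, (unsigned long)seen);
    return poked == 0 && peek_ok && seen == 0x4242 && before[1] == '-' && after[1] == '-';
}

int main(void) { return poke_rodata_in_child() == 1 ? 0 : 1; }
```

The practical consequence is that a read-only mapping protects data from the process itself, not from another process that holds ptrace access to it; on Linux the Yama `kernel.yama.ptrace_scope` sysctl controls which processes may attach.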
