Does gdb temporarily give pages write permission?
Question
I was debugging a seg fault in a Linux app that was caused by a program trying to change a static constant array structure (so the data was in the read-only section of the ELF and subsequently loaded in a page that was then given read-only permission).
While in GDB I put a breakpoint on the line of assembler that did the bad store, and when it stopped there I manually performed the equivalent write action using GDB. GDB did this without any complaints, and reading the value back proved it had indeed been written. I looked in /proc/thepid/maps and that particular page was still marked as "not writeable".
So my question is: does GDB temporarily set write permissions on a read-only page, perform the write, then reset the permissions? Thanks.
Answer

> does GDB temporarily set write permissions

No.

On Linux/*86, ptrace() (which is what GDB uses to read and write the inferior (being debugged) process memory) allows reads and writes to pages that are not readable/writable by the inferior, leading exactly to the confusion you've described. This could be considered a bug in the kernel.

It should be noted that the kernel has to allow ptrace to write to the normally non-writable .text section for the debugger to be able to plant breakpoints (which is done by overwriting the original instruction with the breakpoint/trap instruction -- int3 -- via the PTRACE_POKETEXT request). The kernel doesn't have to do the same for POKE_DATA, but man ptrace says:

    PTRACE_POKETEXT, PTRACE_POKEDATA
        Copies the word data to location addr in the child's memory.
        As above, the two requests are currently equivalent.

I believe it's that equivalentness that causes the current behavior.
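The following is an added example, not code from the question, the answer, GDB or the kernel. It reproduces both halves of the thread on a small scale: a forked child (the inferior) holds a static const table that lives in .rodata and is mapped r--p; the parent (playing the debugger) uses PTRACE_PEEKDATA and PTRACE_POKEDATA on that address, then reads the child's /proc/<pid>/maps to show the mapping is still not writable even though the child now observes the poked value. The helper maps_addr_writable also serves as the check the question did by eye: given maps text and an address, it reports the 'w' bit of the covering mapping. All names (ro_table, demo_rc, maps_addr_writable, SAMPLE_MAPS) and the sample maps text are this example's own; the code is Linux-only and reports -1 instead of failing where ptrace is disallowed (seccomp, Yama).

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

/* Data the inferior treats as immutable: static const, so it sits in .rodata
 * and is mapped r--p. A direct store to it would segfault, as in the question. */
static const long ro_table[4] = { 0x11, 0x22, 0x33, 0x44 };

/* Constructed sample of /proc/<pid>/maps output (not captured from a real process). */
static const char SAMPLE_MAPS[] =
    "55a1c0000000-55a1c0001000 r--p 00000000 08:01 12345 /tmp/example\n"
    "55a1c0001000-55a1c0002000 r-xp 00001000 08:01 12345 /tmp/example\n"
    "55a1c0002000-55a1c0003000 r--p 00002000 08:01 12345 /tmp/example\n"
    "55a1c0003000-55a1c0004000 rw-p 00003000 08:01 12345 /tmp/example\n";

/* Scan maps text for the mapping covering ADDR and report its 'w' bit:
 * 1 = writable, 0 = not writable, -1 = no mapping covers ADDR. */
int maps_addr_writable(const char *maps_text, unsigned long addr)
{
    const char *line = maps_text;
    while (line && *line) {
        unsigned long lo, hi;
        char perms[5] = {0};
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 && addr >= lo && addr < hi)
            return perms[1] == 'w';
        line = strchr(line, '\n');
        if (line) line++;
    }
    return -1;
}

/* Read the whole of /proc/<pid>/maps into BUF (NUL-terminated). */
static int read_maps(pid_t pid, char *buf, size_t cap)
{
    char path[64];
    snprintf(path, sizeof path, "/proc/%d/maps", (int)pid);
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    size_t n = fread(buf, 1, cap - 1, f);
    fclose(f);
    buf[n] = '\0';
    return 0;
}

/* One-shot demo results, cached so the accessors below are cheap and pure. */
static int  g_rc = 2;                 /* 2 = not run yet */
static long g_before, g_after;
static int  g_writable_after = -1;

static int finish(pid_t pid, int rc)  /* abandon a stopped tracee */
{
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return g_rc = rc;
}

/* Fork a tracee, overwrite ro_table[0] from the tracer with PTRACE_POKEDATA,
 * and check what the tracee sees and what its maps file still says.
 * Returns 0 on success, -1 if ptrace is not permitted here (seccomp, Yama),
 * -2 on any other failure. */
int demo_rc(void)
{
    if (g_rc != 2) return g_rc;
    unsigned long target = (unsigned long)(const void *)ro_table;
    pid_t pid = fork();
    if (pid < 0) return g_rc = -2;
    if (pid == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1) _exit(99);
        raise(SIGSTOP);                       /* hand control to the tracer */
        const volatile long *p = ro_table;    /* volatile: defeat constant folding */
        _exit(p[0] == 0x7777 ? 0 : 1);        /* a plain read never segfaults */
    }
    int status;
    if (waitpid(pid, &status, 0) != pid) return g_rc = -2;
    if (WIFEXITED(status))                    /* child left early: TRACEME refused */
        return g_rc = (WEXITSTATUS(status) == 99) ? -1 : -2;
    if (!WIFSTOPPED(status)) return finish(pid, -2);

    errno = 0;
    g_before = ptrace(PTRACE_PEEKDATA, pid, (void *)target, NULL);
    if (errno) return finish(pid, errno == EPERM ? -1 : -2);
    /* The write the question did by hand in GDB, into a page the tracee maps r--p. */
    if (ptrace(PTRACE_POKEDATA, pid, (void *)target, (void *)0x7777L) == -1)
        return finish(pid, -2);
    errno = 0;
    g_after = ptrace(PTRACE_PEEKDATA, pid, (void *)target, NULL);
    static char maps[1 << 16];                /* the mapping's permission bits are unchanged */
    if (read_maps(pid, maps, sizeof maps) == 0)
        g_writable_after = maps_addr_writable(maps, target);
    ptrace(PTRACE_CONT, pid, NULL, NULL);     /* resume; data 0 swallows the SIGSTOP */
    waitpid(pid, &status, 0);
    /* exit 0 only if the tracee observed our word through its read-only mapping */
    return g_rc = (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -2;
}
long demo_seen_before(void)            { demo_rc(); return g_before; }
long demo_seen_after(void)             { demo_rc(); return g_after; }
int  demo_mapping_writable_after(void) { demo_rc(); return g_writable_after; }

int main(void)
{
    int rc = demo_rc();
    if (rc == -1) { puts("ptrace not permitted in this environment; live demo skipped"); return 0; }
    printf("rc=%d before=0x%lx after=0x%lx mapping writable after poke=%d\n",
           rc, demo_seen_before(), demo_seen_after(), demo_mapping_writable_after());
    return rc == 0 ? 0 : 1;
}
```

On a stock Linux box this prints before=0x11, after=0x7777 and "mapping writable after poke=0": the poke lands (the kernel breaks copy-on-write on the private r--p mapping and writes the tracee's private copy), the tracee then reads the new word through a mapping whose protection bits never changed, and its own attempt to store there would still fault. That is the whole discrepancy the question saw between a successful GDB write and an unchanged /proc/<pid>/maps.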