Re: BUG: PTRACE_POKETEXT modifies memory in related processes

Daniel Jacobowitz (dan@debian.org)
Thu, 31 Jan 2002 11:06:59 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andi Kleen: "Re: [PATCH] Slab cache name fixes / reiserfs boot bug fix."
Previous message: Hans Reiser: "[PATCH] 2.4 ReiserFS rename bugfix"

On Thu, Jan 31, 2002 at 02:43:00AM -0800, Nathan Field wrote:
> I believe I have found a bug in recent 2.4 linux kernels (at least 2.4.17)
> running on x86 related to using ptrace to modify a processes memory. From
> a quick scan of the 2.4.17 code it looks like ptrace.c:access_process_vm
> is not checking to see if the page of memory it is writing to has write
> permission, so it is not properly copy-on-write'ing. This means that if I
> have a simple program like this:

I don't think you're correctly understanding the circumstances. Are
you setting the breakpoint after they fork (seems unlikely, given this
test case - not much time to do so)? Otherwise, the breakpoint is
simply being carried over by your forking. Why you see it now and did
not before I don't know.

I see the same behavior with both software and hardware watchpoints.

Basically, GDB on Linux does not support fork very well. It doesn't
show up terribly often, because exec() clears breakpoints.

COW doesn't come into it. The page is being modified before it is
copied.

-- 
Daniel Jacobowitz                           Carnegie Mellon University
MontaVista Software                         Debian GNU/Linux Developer
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Andi Kleen: "Re: [PATCH] Slab cache name fixes / reiserfs boot bug fix."
Previous message: Hans Reiser: "[PATCH] 2.4 ReiserFS rename bugfix"