Re: Race condition in Mach/Hurd?
On Tue, 2011-05-10 at 13:34 +0200, Samuel Thibault wrote:
> > It's not so simple as you say: I have now found out where the
> > mach_port_deallocate_debug variable is in gnumach-1.3.99-486-dbg (copied
> > from boot and uncompressed). I have two alternatives:
> > 1) Write a one into that address without using the kernel debugger, how?
> That's an option. Use objdump -d gnumach-1.3.99-486-dbg to determine the
> file offset of the variable, and use a hex editor. It's really not the
> simplest way.
Well, objdump gave a lot of hits for mach_port_deallocate, but
mach_port_deallocate_debug was not found. And the addresses are
different from those in the hex editor. Anyway, using objdump -D I found it:
2c10c0: 00 00 add %al,(%eax)
2c10c4: 00 00 add %al,(%eax)
In emacs :-) I can see the hex code. But from there I cannot see where
to replace a 0 with a 1:
002c10c0: 2318 0614 1600 000a etc.
Where to write? (It's been a long time since I even touched assembly or
> > 2) Uncompress it at /boot
> > Start the debugger with C-A-d. Does this work on an uncompressed image?
> > w 002c10c0 1
> > cont
> There's a misunderstanding: w writes in the living kernel and has
> immediate non-permanent effect, not in /boot.
Partly understood; does this command apply to the -dbg version of
gnumach in the running kernel? The ordinary kernel is stripped from
> > and then, how to exit the debugger?
> That's what cont is for.
> > When should I start the kernel debugger, before or after triggering:
> > 5040ee18 deallocating an invalid port 340, most probably a bug.
> > Is there any help available for the kernel debugger?
> There is documentation on the net; the debugger is BSD's ddb.
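The address confusion in the thread (objdump prints virtual addresses such as 2c10c0, while a hex editor shows file offsets) is resolved by the ELF program headers: each PT_LOAD segment records where its bytes sit in the file (p_offset) and where they are mapped (p_vaddr), so a variable's file offset is p_offset + (vaddr - p_vaddr). The script below is an added example written for this reply, not code from the thread or from GNU Mach: it parses an ELF32 program header table, translates a virtual address to a file offset, and patches one byte. The sample image it builds is constructed inline (one PT_LOAD segment at vaddr 0x100000), and the variable address 0x100010 is a placeholder, not the real location of mach_port_deallocate_debug. It also handles the case a practitioner hits most often with a zero-initialised flag: if the address falls inside the part of the segment with p_memsz larger than p_filesz (the .bss region), there are no bytes in the file to patch, and a hex editor cannot set it.

```python
import struct

PT_LOAD = 1
ELF_MAGIC = b"\x7fELF"


def parse_elf32_program_headers(data: bytes):
    """Return the PT_* program headers of a little-endian ELF32 image as dicts."""
    if data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    if data[4] != 1:  # EI_CLASS: 1 == ELFCLASS32 (what a 486 gnumach would be)
        raise ValueError("only ELF32 is handled here")
    # ELF32 header: e_phoff at 0x1c, e_phentsize at 0x2a, e_phnum at 0x2c
    (e_phoff,) = struct.unpack_from("<I", data, 0x1C)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 0x2A)
    phdrs = []
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        (p_type, p_offset, p_vaddr, _p_paddr,
         p_filesz, p_memsz, _p_flags, _p_align) = struct.unpack_from("<8I", data, off)
        phdrs.append({"type": p_type, "offset": p_offset, "vaddr": p_vaddr,
                      "filesz": p_filesz, "memsz": p_memsz})
    return phdrs


def vaddr_to_file_offset(phdrs, vaddr: int):
    """Map a virtual address to its byte offset in the file.

    Returns None when the address is inside a loaded segment but beyond its
    file-backed part (.bss): the kernel zero-fills it at boot, so there is
    nothing in the file to edit. Raises if no PT_LOAD covers the address.
    """
    for ph in phdrs:
        if ph["type"] != PT_LOAD:
            continue
        if ph["vaddr"] <= vaddr < ph["vaddr"] + ph["memsz"]:
            delta = vaddr - ph["vaddr"]
            if delta >= ph["filesz"]:
                return None
            return ph["offset"] + delta
    raise ValueError("0x%x is not covered by any PT_LOAD segment" % vaddr)


def patch_byte(data: bytes, file_offset: int, value: int) -> bytes:
    """Return a copy of the image with one byte replaced (what the hex editor does)."""
    if not 0 <= file_offset < len(data):
        raise ValueError("offset outside the file")
    patched = bytearray(data)
    patched[file_offset] = value & 0xFF
    return bytes(patched)


def build_sample_image() -> bytes:
    """Constructed ELF32 image: 52-byte header, one PT_LOAD phdr, 32 bytes of data."""
    e_ident = ELF_MAGIC + bytes([1, 1, 1, 0]) + b"\x00" * 8  # 32-bit, LE, version 1
    ehdr = e_ident + struct.pack(
        "<HHIIIIIHHHHHH",
        2,          # e_type: ET_EXEC
        3,          # e_machine: EM_386
        1,          # e_version
        0x100000,   # e_entry
        52,         # e_phoff: program headers follow the ELF header
        0, 0,       # e_shoff, e_flags
        52, 32, 1,  # e_ehsize, e_phentsize, e_phnum
        0, 0, 0,    # no section headers
    )
    # PT_LOAD: file bytes 84..116 map to 0x100000..0x100020; memsz 0x40 adds a .bss tail
    phdr = struct.pack("<8I", PT_LOAD, 84, 0x100000, 0x100000, 0x20, 0x40, 6, 4)
    payload = bytes(range(0x20))  # placeholder data-section contents
    return ehdr + phdr + payload


if __name__ == "__main__":
    image = build_sample_image()
    phdrs = parse_elf32_program_headers(image)
    var_vaddr = 0x100010  # placeholder: stands in for the variable's objdump address
    off = vaddr_to_file_offset(phdrs, var_vaddr)
    print("0x%x -> file offset %s" % (var_vaddr, off))
    print("patched byte:", patch_byte(image, off, 1)[off])
    print(".bss address maps to:", vaddr_to_file_offset(phdrs, 0x100030))
```

On a real image, compare the result against `readelf -l` (the program headers) rather than `objdump -D`, and check with `readelf -S` whether the symbol's section is .data or .bss before reaching for a hex editor; for a .bss variable the only options are the running-kernel write the thread discusses or rebuilding with the flag set.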