From owner-freebsd-hackers@FreeBSD.ORG Thu Apr 19 16:38:43 2012 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AE4801065675; Thu, 19 Apr 2012 16:38:43 +0000 (UTC) (envelope-from maninya@gmail.com) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id 50F768FC19; Thu, 19 Apr 2012 16:38:43 +0000 (UTC) Received: by iahk25 with SMTP id k25so15836755iah.13 for ; Thu, 19 Apr 2012 09:38:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=s1BSFoODfFM2shQ8bpcyGKE4IWB/5541ytcbvsoPY28=; b=J7MOU37A/rT8SJ+we3zSK1pre5HAC7keeyueqRNuxggBtQrNOZ/4zNEXYipIZiW4xP hWvzs1nc5q0JL0Yxq3TYH5nRYRMd7jxFTejN+KTMDLeh99nL0pqtLgADte4B8pj88Uw4 YshOY+B/OkBw5+PyboBy6lojEB2R3oA82IzOX1WsqsoGNg1tG6b6ox+aASd19DYm3cdU JN8UBVZsmybiI4KPlS153GX6YHrON/JYiuZqJpUNh3L0jrXXEfBuNDA0tx2kHh5m8IHh CltkxzxCdwYMlf5ayfQ1LBVCoRfKwQb1nSqU6pSte6o/fzy4DREKTPgB9Sw2QnIg0Ul4 Svkw== MIME-Version: 1.0 Received: by 10.50.186.231 with SMTP id fn7mr3079468igc.15.1334853522573; Thu, 19 Apr 2012 09:38:42 -0700 (PDT) Received: by 10.42.166.4 with HTTP; Thu, 19 Apr 2012 09:38:42 -0700 (PDT) In-Reply-To: References: <201203290944.11446.jhb@freebsd.org> <201204021642.29578.jhb@freebsd.org> Date: Thu, 19 Apr 2012 22:08:42 +0530 Message-ID: From: Maninya M To: John Baldwin , freebsd-hackers@freebsd.org, Julian Elischer Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: __NR_mmap2 in FreeBSD X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Apr 2012 16:38:43 -0000 Oh and here is 
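the code that worked. Thanks! :)

/*
 * Abort the restart if the traced child is no longer stopped under us.
 * Every wait() that follows a PT_STEP goes through here, so a tracee that
 * exits or is killed half-way through the injection is reported instead
 * of being ptrace()d as if it were still alive.
 */
static void check_tracee_stopped(int status)
{
    if (WIFEXITED(status))
        die("Restarted process abrubtly (exited with value %d). Aborting Restart.",
            WEXITSTATUS(status));
    else if (WIFSIGNALED(status))
        die("Restarted process abrubtly exited because of uncaught signal (%d). Aborting Restart.",
            WTERMSIG(status));
}

/*
 * map_memory - make the traced process (exec_pid) mmap() an anonymous,
 * private, MAP_FIXED region [addr, addr + size) with protection `flags`.
 *
 * The tracee must already be stopped under ptrace().  The instruction word
 * at its %eip is saved and overwritten, first with `push %eax` (stepped
 * once per argument word with %eax loaded by us) and then with `int $0x80`
 * with %eax = SYS_mmap.  FreeBSD i386 system calls take their arguments on
 * the stack, not in registers, which is why the words are pushed one at a
 * time rather than loaded into %ebx/%ecx/... as the Linux mmap2 original
 * did.  Afterwards the instruction word and all registers are restored.
 *
 * addr  : page-aligned address the region must land at (MAP_FIXED).
 * size  : length of the region in bytes.
 * flags : PROT_* bits, passed as mmap()'s prot argument.
 *
 * Aborts via die()/die_perror() if any ptrace() step fails or the tracee
 * goes away; only warn()s if mmap() did not return addr.
 *
 * The former `procstat -v` diagnostic was dropped: its output was never
 * consumed (the pipeline after it was commented out) and it spawned a
 * shell through system() from inside the restart path.
 */
void map_memory(unsigned long addr, unsigned long size, int flags)
{
    int status;
    int i;
    struct reg regs, temp_regs;
    unsigned int int_instr = 0x000080cd;  /* int $0x80 (cd 80), little-endian */
    unsigned int push_eax = 0x00000050;   /* push %eax; only its first byte is ever stepped */
    unsigned int orig_instr;
    /*
     * Words pushed onto the tracee's stack, in push order.  The kernel
     * reads the arguments above a return-address slot, so the last push
     * (the dummy 45) lands where a `call` would have left its return
     * address and the arguments sit above it in mmap() order.
     * NOTE(review): the number and meaning of these words must match the
     * mmap prototype in sys/kern/syscalls.master for the target release
     * (a 64-bit off_t, and on newer releases a pad word, sit above fd);
     * a mismatch shows up as the warn() below firing - confirm there.
     */
    unsigned int args[8] = {
        0, 0,                                /* offset (must be 0 for MAP_ANON) */
        (unsigned int)-1,                    /* fd: none */
        MAP_ANON | MAP_PRIVATE | MAP_FIXED,  /* flags */
        (unsigned int)flags,                 /* prot */
        (unsigned int)size,                  /* len */
        (unsigned int)addr,                  /* addr */
        45                                   /* dummy return address */
    };

    if (ptrace(PT_GETREGS, exec_pid, (caddr_t)&regs, 0) < 0)
        die_perror("ptrace(PTRACE_GETREGS,%d,(caddr_t)&regs,0)", exec_pid);

    /*
     * Save the instruction word we are about to overwrite.
     * NOTE(review): PT_READ_D returns the word itself, so a failure can
     * only be distinguished from a genuine 0xffffffff via errno; that
     * check is not made here.
     */
    orig_instr = ptrace(PT_READ_D, exec_pid, (caddr_t)regs.r_eip, 0);

    temp_regs = regs;

    /* Push each argument: load %eax, then single-step `push %eax` at the saved %eip. */
    for (i = 0; i < 8; i++) {
        temp_regs.r_eip = regs.r_eip;
        temp_regs.r_eax = args[i];
        if (ptrace(PT_WRITE_D, exec_pid, (caddr_t)temp_regs.r_eip, push_eax) < 0)
            die_perror("ptrace(PT_WRITE,%d,0x%.8x) while pushing", exec_pid, args[i]);
        if (ptrace(PT_SETREGS, exec_pid, (caddr_t)&temp_regs, 0) < 0)
            die_perror("ptrace(PT_SETREGS,%d,0x%.8x)%d while pushing", exec_pid, args[i], i);
        /* A failed step used to be merely printed and then ignored; it is fatal now. */
        if (ptrace(PT_STEP, exec_pid, (caddr_t)1, 0) < 0)
            die_perror("ptrace(PT_STEP,%d,...) failed while pushing", exec_pid);
        wait(&status);
        check_tracee_stopped(status);
        /* Re-read so the next iteration carries the %esp the push produced. */
        if (ptrace(PT_GETREGS, exec_pid, (caddr_t)&temp_regs, 0) < 0)
            die_perror("ptrace(PT_GETREGS,%d,...) failed while pushing", exec_pid);
    }

    /* The system call itself: %eax = SYS_mmap, `int $0x80` at the saved %eip. */
    temp_regs.r_eip = regs.r_eip;
    temp_regs.r_eax = SYS_mmap;
    if (ptrace(PT_WRITE_D, exec_pid, (caddr_t)temp_regs.r_eip, int_instr) < 0)
        die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while allocating memory",
                   exec_pid, temp_regs.r_eip);
    if (ptrace(PT_SETREGS, exec_pid, (caddr_t)&temp_regs, 0) < 0)
        die_perror("ptrace(PT_SETREGS,%d,...) failed while allocating memory", exec_pid);
    if (ptrace(PT_STEP, exec_pid, (caddr_t)1, 0) < 0)
        die_perror("ptrace(PT_STEP,...) failed while executing mmap");
    wait(&status);
    check_tracee_stopped(status);

    if (ptrace(PT_GETREGS, exec_pid, (caddr_t)&temp_regs, 0) < 0)
        die_perror("ptrace(PT_GETREGS,...) failed after executing mmap2 system call");

    /*
     * %eax holds mmap()'s return value.  With MAP_FIXED anything other
     * than addr should mean the call failed.
     * NOTE(review): on a failed i386 syscall the kernel presumably leaves
     * the errno value in %eax and signals failure through the carry flag
     * in %eflags; inspecting that flag would make this check exact.
     */
    if (temp_regs.r_eax != addr)
        warn("Wanted space at address 0x%.8lx, mmap2 system call returned 0x%.8lx. This could be a problem.",
             addr, (unsigned long)temp_regs.r_eax);
    else if (cr_options.verbose)
        fprintf(stdout, "Successfully allocated [0x%.8lx - 0x%.8lx]\n", addr, addr + size);

    /* Undo the injection: original instruction word first, then every register. */
    if (ptrace(PT_WRITE_D, exec_pid, (caddr_t)regs.r_eip, orig_instr) < 0)
        die_perror("ptrace(PT_WRITE_D,...) failed after executing mmap2 system call");
    if (ptrace(PT_SETREGS, exec_pid, (caddr_t)&regs, 0) < 0)
        die_perror("ptrace(PT_SETREGS,...) when restoring registering after allocating memory (mmap2)");
}

On 19 April 2012 20:29, Maninya M wrote: > Hello :) > > After a long time trying different combinations of setting register > values, I was finally able to allocate memory to the process. > It doesn't seem to work for processes that use malloc(), so that's why I > was getting a problem. > Thank you very much John Baldwin and Julian Elischer, and to all the other > FreeBSD hackers on this amazing forum. Your patient replies to all my > questions helped a lot! :) > > > > > > On 3 April 2012 02:12, John Baldwin wrote: > >> On Saturday, March 31, 2012 5:40:50 pm Maninya M wrote: >> > Thanks. >> > >> > I've tried this. Still getting some allocation problems. >> > >> > if (temp_regs.r_eax != addr) >> > warn("Wanted space at address 0x%.8x, mmap2 system call returned >> > 0x%.8x. This could be a problem.",addr,temp_regs.r_eax); >> > >> > What can I do? 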
Please help. >> >> Hmm, can you capture a ktrace of the target process during this so you >> can see >> if the kernel sees the mmap request properly? >> >> > >> > void map_memory(unsigned long addr, unsigned long size, int flags) >> > { >> > int status; >> > struct reg regs,temp_regs; >> > unsigned long int_instr = 0x000080cd; /* INT 0x80 */ >> > printf("%x\n",addr); >> > //addr=addr&0xffff0000; >> > if (ptrace(PT_GETREGS,exec_pid,(caddr_t)®s,0) < 0) >> > die_perror("ptrace(PTRACE_GETREGS,%d,(caddr_t)®s,0)",exec_pid); >> > >> > /* mmap2 system call seems to take arguments as follows: >> > * eax = __NR_mmap2 >> > * ebx = (unsigned long) page aligned address >> > * ecx = (unsigned long) page aligned file size >> > * edx = protection >> > * esi = flags >> > * Other arguments (fd and pgoff) are not required for anonymous >> mapping >> > */ >> > temp_regs = regs; >> > >> > //printf("temp=%u, >> \teip=%u\tregs=%u\teip=%u\n",&temp_regs,temp_regs.r_eip,®s,regs.r_eip); >> > // temp_regs.r_eax = __NR_mmap2; >> > temp_regs.r_eax=71; >> > /*temp_regs.r_ebx = addr; >> > temp_regs.r_ecx = size; >> > temp_regs.r_edx = flags; >> > temp_regs.r_esi = MAP_PRIVATE | MAP_ANONYMOUS;*/ >> > //push size >> > >> > //temp_regs.r_eip = temp_regs.r_esp - 4; >> > >> > //printf("temp=%u, >> \teip=%u\tregs=%u\teip=%u\n",&temp_regs,temp_regs.r_eip,®s,regs.r_eip); >> > >> > if (ptrace(PT_WRITE_D,exec_pid,(void *)(temp_regs.r_esp-4),addr) < 0) >> > die_perror("ptrace(PT_WRITE,%d,0x%.8x,0x%.8x) failed >> > ADDER",exec_pid,temp_regs.r_esp,addr); >> > >> > if (ptrace(PT_WRITE_D,exec_pid,(void *)(temp_regs.r_esp-8),size) < 0) >> > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed >> > size",exec_pid,temp_regs.r_esp); >> > >> > if (ptrace(PT_WRITE_D,exec_pid,(void *)(temp_regs.r_esp-12),flags) < 0) >> > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed >> > protections",exec_pid,temp_regs.r_esp); >> > >> > if (ptrace(PT_WRITE_D,exec_pid,(void >> > 
*)(temp_regs.r_esp-16),MAP_PRIVATE|MAP_ANON|MAP_FIXED) < 0) >> > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed >> > flags",exec_pid,temp_regs.r_esp); >> > >> > if (ptrace(PT_WRITE_D,exec_pid,(void *)(temp_regs.r_esp-20),-1) < 0) >> > die_perror("ptrace(PT_WRITE,%d,0x%.8x,0x%.8x) failed >> > ADDER",exec_pid,temp_regs.r_esp,addr); >> > >> > if (ptrace(PT_WRITE_D,exec_pid,(void *)(temp_regs.r_esp-24),0) < 0) >> > die_perror("ptrace(PT_WRITE,%d,0x%.8x,0x%.8x) failed >> > offset1",exec_pid,temp_regs.r_esp,addr); >> > if (ptrace(PT_WRITE_D,exec_pid,(void *)(temp_regs.r_esp-28),0) < 0) >> > die_perror("ptrace(PT_WRITE,%d,0x%.8x,0x%.8x) failed >> > offset1",exec_pid,temp_regs.r_esp,addr); >> > >> > >> > /* >> > if (ptrace(PT_WRITE_I,exec_pid,(void *)(temp_regs.r_eip),0x000080cd) < >> 0) >> > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while >> allocating >> > memory",exec_pid,temp_regs.r_eip); >> > */ >> > if (ptrace(PT_WRITE_I,exec_pid,(void *)(temp_regs.r_eip),0x000080cd) >> < 0) >> > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while >> allocating >> > memory",exec_pid,temp_regs.r_eip); >> > >> > //temp_regs.r_eip = temp_regs.r_esp - 32; >> > temp_regs.r_esp = temp_regs.r_esp - 28; >> > >> > if (ptrace(PT_SETREGS,exec_pid,(caddr_t)&temp_regs,0) < 0) { >> > die_perror("ptrace(PT_SETREGS,%d,...) failed while allocating >> > memory",exec_pid); >> > } >> > if (ptrace(PT_STEP,exec_pid,NULL,0) < 0) >> > die_perror("ptrace(PT_STEP,...) failed while executing mmap2"); >> > >> > wait(&status); >> > if (WIFEXITED(status)) >> > die("Restarted process abrubtly (exited with value %d). Aborting >> > Restart.",WEXITSTATUS(status)); >> > else if (WIFSIGNALED(status)) >> > die("Restarted process abrubtly exited because of uncaught signal >> (%d). >> > Aborting Restart.",WTERMSIG(status)); >> > >> > if (ptrace(PT_GETREGS,exec_pid,(caddr_t)&temp_regs,0) < 0) { >> > die_perror("ptrace(PT_GETREGS,...) 
failed after executing mmap2 >> system >> > call"); >> > } >> > //fprintf(stdout,"hello iam here \n"); >> > if (temp_regs.r_eax != addr) >> > warn("Wanted space at address 0x%.8x, mmap2 system call returned >> > 0x%.8x. This could be a problem.",addr,temp_regs.r_eax); >> > else if (cr_options.verbose) >> > >> > fprintf(stdout,"Successfully allocated [0x%.8lx - >> > 0x%.8lx]\n",addr,addr+size); >> > >> > /* Restore original registers */ >> > if (ptrace(PT_SETREGS,exec_pid,(caddr_t)&temp_regs,0) < 0) { >> > die_perror("ptrace(PT_SETREGS,...) when restoring registering after >> > allocating memory (mmap2)"); >> > >> > } >> > } >> > >> > >> > >> > >> > On 29 March 2012 19:14, John Baldwin wrote: >> > >> > > On Thursday, March 29, 2012 9:15:43 am Maninya M wrote: >> > > > Thanks a lot for replying! >> > > > Ok I've tried this to push arguments onto stack. >> > > > Is it right? >> > > > I get an error at this line: >> > > > >> > > > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while >> > > > dasfallocating memory",exec_pid,temp_regs.r_eip); >> > > > >> > > > >> > > > Please tell me what to do. 
>> > > > >> > > > >> > > > >> > > > >> > > > >> > > > void map_memory(unsigned long addr, unsigned long size, int flags) >> > > > { >> > > > int status; >> > > > struct reg regs,temp_regs; >> > > > unsigned long int_instr = 0x000080cd; /* INT 0x80 */ >> > > > >> > > > if (ptrace(PT_GETREGS,exec_pid,(caddr_t)®s,0) < 0) >> > > > >> die_perror("ptrace(PTRACE_GETREGS,%d,(caddr_t)®s,0)",exec_pid); >> > > > >> > > > /* mmap2 system call seems to take arguments as follows: >> > > > * eax = __NR_mmap2 >> > > > * ebx = (unsigned long) page aligned address >> > > > * ecx = (unsigned long) page aligned file size >> > > > * edx = protection >> > > > * esi = flags >> > > > * Other arguments (fd and pgoff) are not required for anonymous >> > > mapping >> > > > */ >> > > > temp_regs = regs; >> > > > >> > > > //printf("temp=%u, >> > > >> \teip=%u\tregs=%u\teip=%u\n",&temp_regs,temp_regs.r_eip,®s,regs.r_eip); >> > > > // temp_regs.r_eax = __NR_mmap2; >> > > > temp_regs.r_eax=71; >> > > > /*temp_regs.r_ebx = addr; >> > > > temp_regs.r_ecx = size; >> > > > temp_regs.r_edx = flags; >> > > > temp_regs.r_esi = MAP_PRIVATE | MAP_ANONYMOUS;*/ >> > > > //push size >> > > > >> > > > //temp_regs.r_eip = temp_regs.r_esp - 4; >> > > >> > > You still want this, it is putting the instruction on the stack. >> However, >> > > your stack layout is wrong I think. You actually want it to be >> something >> > > like >> > > this: >> > > >> > > r_esp - 4: >> > > r_esp - 8: >> > > r_esp - 12: >> > > r_esp - 16: (MAP_FIXED?) >> > > r_esp - 20: >> > > r_esp - 24: >> > > r_esp - 28: >> > > r_esp - 32: >> > > >> > > Then you want to set: >> > > >> > > r_eip = r_esp - 32; >> > > r_esp -= 28; >> > > >> > > I think you want MAP_FIXED since it complains if the returned address >> > > doesn't >> > > match 'addr' at the end of your routine. 
However, it might be best >> if you >> > > just compiled a program that called mmap() and then looked at the >> > > disassembly >> > > and to make sure the stack layout is correct. >> > > >> > > > //printf("temp=%u, >> > > >> \teip=%u\tregs=%u\teip=%u\n",&temp_regs,temp_regs.r_eip,®s,regs.r_eip); >> > > > if (ptrace(PT_WRITE_D,exec_pid,(void >> *)(temp_regs.r_esp-4),MAP_PRIVATE | >> > > > MAP_ANONYMOUS) < 0) >> > > > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while >> > > allocating >> > > > memory",exec_pid,temp_regs.r_eip); >> > > > >> > > > if (ptrace(PT_WRITE_D,exec_pid,(void *)(temp_regs.r_esp-8),flags) < >> 0) >> > > > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while >> > > allocating >> > > > memory",exec_pid,temp_regs.r_eip); >> > > > >> > > > if (ptrace(PT_WRITE_D,exec_pid,(void *)(temp_regs.r_esp-12),size) < >> 0) >> > > > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while >> > > allocating >> > > > memory",exec_pid,temp_regs.r_eip); >> > > > >> > > > if (ptrace(PT_WRITE_D,exec_pid,(void *)(temp_regs.r_esp-16), addr) >> < 0); >> > > > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while >> > > > dasfallocating memory",exec_pid,temp_regs.r_eip); >> > > > /* >> > > > if (ptrace(PT_WRITE_I,exec_pid,(void >> *)(temp_regs.r_eip),0x000080cd) < >> 0) >> > > > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while >> > > allocating >> > > > memory",exec_pid,temp_regs.r_eip); >> > > > */ >> > > > if (ptrace(PT_WRITE_I,exec_pid,(void >> *)(temp_regs.r_eip),0x000080cd) < >> > > 0) >> > > > die_perror("ptrace(PT_WRITE,%d,0x%.8x,INT 0x80) failed while >> > > allocating >> > > > memory",exec_pid,temp_regs.r_eip); >> > > > if (ptrace(PT_SETREGS,exec_pid,(caddr_t)&temp_regs,0) < 0) { >> > > > die_perror("ptrace(PT_SETREGS,%d,...) failed while allocating >> > > > memory",exec_pid); >> > > > } >> > > > if (ptrace(PT_STEP,exec_pid,NULL,0) < 0) >> > > > die_perror("ptrace(PT_STEP,...) 
failed while executing mmap2"); >> > > > >> > > > wait(&status); >> > > > if (WIFEXITED(status)) >> > > > die("Restarted process abrubtly (exited with value %d). Aborting >> > > > Restart.",WEXITSTATUS(status)); >> > > > else if (WIFSIGNALED(status)) >> > > > die("Restarted process abrubtly exited because of uncaught >> signal >> > > (%d). >> > > > Aborting Restart.",WTERMSIG(status)); >> > > > >> > > > if (ptrace(PT_GETREGS,exec_pid,(caddr_t)&temp_regs,0) < 0) { >> > > > die_perror("ptrace(PT_GETREGS,...) failed after executing mmap2 >> > > system >> > > > call"); >> > > > } >> > > > //fprintf(stdout,"hello iam here \n"); >> > > > if (temp_regs.r_eax != addr) >> > > > warn("Wanted space at address 0x%.8x, mmap2 system call returned >> > > > 0x%.8x. This could be a problem.",addr,temp_regs.r_eax); >> > > > else if (cr_options.verbose) >> > > > >> > > > fprintf(stdout,"Successfully allocated [0x%.8lx - >> > > > 0x%.8lx]\n",addr,addr+size); >> > > > >> > > > /* Restore original registers */ >> > > > if (ptrace(PT_SETREGS,exec_pid,(caddr_t)&temp_regs,0) < 0) { >> > > > die_perror("ptrace(PT_SETREGS,...) when restoring registering >> after >> > > > allocating memory (mmap2)"); >> > > > >> > > > } >> > > > } >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > On 27 March 2012 17:23, John Baldwin wrote: >> > > > >> > > > > On Monday, March 26, 2012 1:56:08 pm Maninya M wrote: >> > > > > > I am trying to convert a function written for Linux to FreeBSD. >> > > > > > What is the equivalent of the __NR_mmap2 system call in FreeBSD? >> > > > > > >> > > > > > I keep getting the error because of this exception: >> > > > > > warn("Wanted space at address 0x%.8x, mmap2 system call returned >> > > 0x%.8x. >> > > > > > This could be a problem.",addr,temp_regs.eax); >> > > > > >> > > > > I think you could just use plain mmap() for this? 
>> > > > > >> > > > > However, it seems that this is injecting a call into an existing >> > > binary, >> > > > > not calling mmap() directly. A few things will need to change. >> First, >> > > > > FreeBSD system calls on i386 put their arguments on the stack, >> not in >> > > > > registers, so you will need to do a bit more work to push the >> arguments >> > > > > onto >> > > > > the stack rather than just setting registers. >> > > > > >> > > > > > I changed >> > > > > > temp_regs.eax = __NR_mmap2; >> > > > > > to >> > > > > > temp_regs.eax = 192; >> > > > > > >> > > > > > but it didn't work. I suppose I couldn't understand this >> function. >> > > Please >> > > > > > help. >> > > > > > >> > > > > > This is the function: >> > > > > > >> > > > > > void map_memory(unsigned long addr, unsigned long size, int >> flags) >> > > > > > { >> > > > > > int status; >> > > > > > struct user_regs_struct regs,temp_regs; >> > > > > > unsigned long int_instr = 0x000080cd; /* INT 0x80 */ >> > > > > > >> > > > > > if (ptrace(PTRACE_GETREGS,exec_pid,NULL,®s) < 0) >> > > > > > die_perror("ptrace(PTRACE_GETREGS,%d,NULL,®s)",exec_pid); >> > > > > > >> > > > > > /* mmap2 system call seems to take arguments as follows: >> > > > > > * eax = __NR_mmap2 >> > > > > > * ebx = (unsigned long) page aligned address >> > > > > > * ecx = (unsigned long) page aligned file size >> > > > > > * edx = protection >> > > > > > * esi = flags >> > > > > > * Other arguments (fd and pgoff) are not required for >> anonymous >> > > > > mapping >> > > > > > */ >> > > > > > temp_regs = regs; >> > > > > > temp_regs.eax = __NR_mmap2; >> > > > > > temp_regs.ebx = addr; >> > > > > > temp_regs.ecx = size; >> > > > > > temp_regs.edx = flags; >> > > > > > temp_regs.esi = MAP_PRIVATE | MAP_ANONYMOUS; >> > > > > > temp_regs.eip = temp_regs.esp - 4; >> > > > > > >> > > > > > if (ptrace(PTRACE_POKETEXT,exec_pid,(void >> > > > > > *)(temp_regs.eip),(void*)int_instr) < 0) >> > > > > > 
die_perror("ptrace(PTRACE_POKETEXT,%d,0x%.8x,INT 0x80) >> failed >> > > while >> > > > > > allocating memory",exec_pid,temp_regs.eip); >> > > > > > if (ptrace(PTRACE_SETREGS,exec_pid,NULL,&temp_regs) < 0) { >> > > > > > die_perror("ptrace(PTRACE_SETREGS,%d,...) failed while >> allocating >> > > > > > memory",exec_pid); >> > > > > > } >> > > > > > if (ptrace(PTRACE_SINGLESTEP,exec_pid,NULL,NULL) < 0) >> > > > > > die_perror("ptrace(PTRACE_SINGLESTEP,...) failed while >> executing >> > > > > > mmap2"); >> > > > > > >> > > > > > wait(&status); >> > > > > > if (WIFEXITED(status)) >> > > > > > die("Restarted process abrubtly (exited with value %d). >> Aborting >> > > > > > Restart.",WEXITSTATUS(status)); >> > > > > > else if (WIFSIGNALED(status)) >> > > > > > die("Restarted process abrubtly exited because of uncaught >> signal >> > > > > (%d). >> > > > > > Aborting Restart.",WTERMSIG(status)); >> > > > > > >> > > > > > if (ptrace(PTRACE_GETREGS,exec_pid,NULL,&temp_regs) < 0) { >> > > > > > die_perror("ptrace(PTRACE_GETREGS,...) failed after >> executing >> > > mmap2 >> > > > > > system call"); >> > > > > > } >> > > > > > >> > > > > > if (temp_regs.eax != addr) >> > > > > > warn("Wanted space at address 0x%.8x, mmap2 system call >> returned >> > > > > > 0x%.8x. This could be a problem.",addr,temp_regs.eax); >> > > > > > else if (cr_options.verbose) >> > > > > > fprintf(stdout,"Successfully allocated [0x%.8lx - >> > > > > > 0x%.8lx]\n",addr,addr+size); >> > > > > > >> > > > > > /* Restore original registers */ >> > > > > > if (ptrace(PTRACE_SETREGS,exec_pid,NULL,®s) < 0) { >> > > > > > die_perror("ptrace(PTRACE_SETREGS,...) 
when restoring >> registering >> > > > > after >> > > > > > allocating memory (mmap2)"); >> > > > > > } >> > > > > > } >> > > > > > >> > > > > > -- >> > > > > > Maninya >> > > > > > _______________________________________________ >> > > > > > freebsd-hackers@freebsd.org mailing list >> > > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers >> > > > > > To unsubscribe, send any mail to " >> > > > > freebsd-hackers-unsubscribe@freebsd.org" >> > > > > > >> > > > > >> > > > > -- >> > > > > John Baldwin >> > > > > >> > > > >> > > > >> > > > >> > > > -- >> > > > Maninya >> > > > >> > > >> > > -- >> > > John Baldwin >> > > >> > >> > >> > >> > -- >> > Maninya >> > >> >> -- >> John Baldwin >> > > > > -- > Maninya > -- Maninya