Re: GDB library to insert and delete watchpoints

Re: GDB library to insert and delete watchpoints

[Paul Pluzhnikov]

On Mon, Nov 30, 2009 at 3:18 PM, Aravinda <aravindakidambi@gmail.com> wrote:

> Im working on a project that currently requires inserting and deleting
> watchpoints to monitor buffer overruns.

AFAIU, on x86 you can monitor at most 4 addresses, since that's all
the debug registers it got. That makes using HW watchpoints for
overrun detection of dubious value (unless you only care about
overrunning a very small set of buffers).

> I was looking at the
> gdb-internals documentation which talks about a gdb library that can
> be used to do exactly this.

It can't be (at lease not without a lot of work). Please see this
message and thread: http://sourceware.org/ml/gdb/2009-08/msg00003.html

> But I couldnt find more info on this. Im
> looking for a ready to use library to be used with a kernel module
> that allows for modifying the debug registers. kindly point me to any
> sources if it can be done.

AFAICT, such a library does not exist.

Cheers,
-- 
Paul Pluzhnikov

Re: GDB library to insert and delete watchpoints

[Dave Korn]

Paul Pluzhnikov wrote:
> On Mon, Nov 30, 2009 at 3:18 PM, Aravinda <aravindakidambi@> wrote:

>> I was looking at the
>> gdb-internals documentation which talks about a gdb library that can
>> be used to do exactly this.
> 
> It can't be (at lease not without a lot of work). Please see this
> message and thread: http://sourceware.org/ml/gdb/2009-08/msg00003.html
> 
>> But I couldnt find more info on this. Im
>> looking for a ready to use library to be used with a kernel module
>> that allows for modifying the debug registers. kindly point me to any
>> sources if it can be done.
> 
> AFAICT, such a library does not exist.

  I think this is a misunderstanding; I think Aravinda is referring to the x86
watchpoint support functions, which the internals documentation does indeed
describe as "a generic library of functions [ ... that x86-based ports can use
to implement support for watchpoints and hardware-assisted breakpoints ...]"

http://sourceware.org/gdb/current/onlinedocs/gdbint/Algorithms.html#index-x86-debug-registers-40

  Aravinda, they're only useful within the gdb executable itself; they don't
form a standalone library that could be loaded into a kernel module.  Of
course you could always rip the relevant sources out of gdb and hack them up
into something useful - assuming you're using an x86 target that is.

    cheers,
      DaveK

Re: GDB library to insert and delete watchpoints

[Jan Kratochvil]

On Tue, 01 Dec 2009 00:18:15 +0100, Aravinda wrote:
> But I couldnt find more info on this.  Im looking for a ready to use library

Not a library but if you look just for the code you can based it on:
	http://sources.redhat.com/cgi-bin/cvsweb.cgi/~checkout~/tests/ptrace-tests/tests/watchpoint.c?cvsroot=systemtap

> to be used with a kernel module
> that allows for modifying the debug registers.

Debug registers needed for hardware watchpoints are accessible from userland
via standard ptrace(2) with no other kernel support required.


Regards,
Jan

Re: GDB library to insert and delete watchpoints

[Stan Shebs]

Aravinda wrote:
> Hi,
>
> Im working on a project that currently requires inserting and deleting
> watchpoints to monitor buffer overruns. I was looking at the
> gdb-internals documentation which talks about a gdb library that can
> be used to do exactly this. But I couldnt find more info on this. Im
> looking for a ready to use library to be used with a kernel module
> that allows for modifying the debug registers. kindly point me to any
> sources if it can be done.
>   
It just so happens that CodeSourcery recently did this for a customer 
that was using a debugging stub that ran as one of several threads in 
the application.  It does need its own driver to modify the debug 
registers, and the stub calls it once it has done the bit-twiddling on 
mirrors of the registers.  While it works well enough to have one thread 
set the debug registers of a different thread in a Linux app, there is 
some fancy dancing to make this work in nonstop - with all the threads 
running at once, you can get nasty races all over the place.  
Unfortunately, this is all CodeSourcery proprietary code and 
intermingled with the customer's app to boot, so I can't send you a copy.

Stan

Re: GDB library to insert and delete watchpoints

[Aravinda]

Hi,

Thank you for all of your replies and suggestions.

Yah, Im assuming a simple case for now of only debugging a single
thread/process. Also, its actually a little different since Im not
trying to have a separate debugging thread to do this job. I have a
single threaded application that I want to be safe from buffer
overruns all the time, that doesnt have more than 4 levels of nested
loops, so 4 debug register should do just good for this. And Im trying
to do it automatically by instrumenting GCC to add a call (before
array accesses) to a custom library function that inserts a
watchpoint. I wanted to write a C library that manages mirror
registers and occasionally makes a system call/invokes a driver to put
the value in the debug register.

I have never used ptrace before and need to lookup on it, but the code
that I saw was for a parent process modifying the contents of debug
registers for the child. So im assuming I can either call ptrace from
the same process to modify the contents or have to write a driver to
manipulate debug registers.

Thanks,
Aravinda

On Fri, Dec 4, 2009 at 3:51 AM, Stan Shebs <stan@codesourcery.com> wrote:
>
> Aravinda wrote:
>>
>> Hi,
>>
>> Im working on a project that currently requires inserting and deleting
>> watchpoints to monitor buffer overruns. I was looking at the
>> gdb-internals documentation which talks about a gdb library that can
>> be used to do exactly this. But I couldnt find more info on this. Im
>> looking for a ready to use library to be used with a kernel module
>> that allows for modifying the debug registers. kindly point me to any
>> sources if it can be done.
>>
>
> It just so happens that CodeSourcery recently did this for a customer that was using a debugging stub that ran as one of several threads in the application.  It does need its own driver to modify the debug registers, and the stub calls it once it has done the bit-twiddling on mirrors of the registers.  While it works well enough to have one thread set the debug registers of a different thread in a Linux app, there is some fancy dancing to make this work in nonstop - with all the threads running at once, you can get nasty races all over the place.  Unfortunately, this is all CodeSourcery proprietary code and intermingled with the customer's app to boot, so I can't send you a copy.
>
> Stan
>

Re: GDB library to insert and delete watchpoints

[Jan Kratochvil]

On Fri, 04 Dec 2009 17:20:57 +0100, Aravinda wrote:
> that I want to be safe from buffer overruns all the time,

FYI there is `gcc -fmudflap -lmudflap'.


Regards,
Jan

Re: GDB library to insert and delete watchpoints

[Aravinda]

Thanks Jan,

I am aware of the mudflap gcc option. Since software buffer overrun
protection is slow, the work im doing is kind of to experiment and see
if there is any substantial runtime improvement by using debug
resgisters to monitor buffer overflows.

Thanks,
Aravinda

On Fri, Dec 4, 2009 at 12:11 PM, Jan Kratochvil
<jan.kratochvil@redhat.com> wrote:
>
> On Fri, 04 Dec 2009 17:20:57 +0100, Aravinda wrote:
> > that I want to be safe from buffer overruns all the time,
>
> FYI there is `gcc -fmudflap -lmudflap'.
>
>
> Regards,
> Jan

Re: GDB library to insert and delete watchpoints

[Joel Brobecker]

> It just so happens that CodeSourcery recently did this for a
> customer that was using a debugging stub that ran as one of several
> threads in the application.

This reminds me of another interesting approach that one of our
customers implemented.  In their setup, the software was hooked to
a hardware that needed some trajectory info sent at a given frequency
(about 10Hz IIRC).  The problems started when they were trying to
debug problems, because the debugger would stop all threads. So,
what they did was implement their own gdbserver stub, embedded in
their application.  That stub would control start/stop etc in a way
that the motion threads remain alive and kicking while the rest of
the application is being inspected... AFAIK, they made it work
(this was on Windows).

-- 
Joel