From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin-patches@cygwin.com
Subject: Re: [PATCH 0/8] Fix dumper for x86_64
Date: Mon, 6 Jul 2020 10:12:00 +0200 [thread overview]
Message-ID: <20200706081200.GA514059@calimero.vinschen.de> (raw)
In-Reply-To: <b2a72bb3-1852-46fe-81d2-0107c0076564@dronecode.org.uk>
On Jul 5 17:49, Jon Turney wrote:
> On 02/07/2020 08:44, Corinna Vinschen wrote:
> > On Jul 1 22:29, Jon Turney wrote:
> > >
> > > This needs to be aligned with some changes to gdb to consume the dumps it
> > > produces, so it's probably best to hold off applying this until it's more
> > > obvious what's going to happen with those.
> > >
> > > Random notes:
> > >
> > > - objdump identifies the output of dumper on x86_64 as
> > > 'elf64-x86-64-cloudabi' (perhaps due to some over-eager sniffer).
> > >
> > > - regions excluded from the dump aren't rounded up to page size, so we may
> > > end up writing the excess into the dump.
> > >
> > > - looking at the loaded modules and inspecting them to determine what memory
> > > regions don't need to appear in the dump seems odd. I'm not sure we don't
> > > just exclude MEMORY_BASIC_INFORMATION.Type == MEM_IMAGE regions (assuming
> > > they get converted to MEM_PRIVATE regions if written when copy-on-write).
>
> Unfortunately, that doesn't happen, and the region appears to stay
> MEM_IMAGE, even if it's been modified.
>
> I'm inclined to just dump MEM_IMAGE regions if they are writable (although
> using the current protection isn't 100% correct, because it may have been
> changed using VirtualProtect())
>
> I suspect there's probably some undocumented MemoryInformationClass for
> NtQueryVirtualMemory() that would let us determine if a region is sharable
> or not, but ...
Surprisingly, there's nothing undocumented in NtQueryVirtualMemory and
the API is fully exposed by VirtualQuery(Ex).
What about the two protection fields in MEMORY_BASIC_INFORMATION? If
something changed, Protect != AllocationProtect. Is that insufficient
to handle your case?
Corinna
--
Corinna Vinschen
Cygwin Maintainer
next prev parent reply other threads:[~2020-07-06 8:12 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-01 21:25 Jon Turney
2020-07-01 21:25 ` [PATCH 1/8] Cygwin: Slightly improve error_start documentation Jon Turney
2020-07-01 21:25 ` [PATCH 2/8] Cygwin: Update ELF target used by dumper on x86_64 Jon Turney
2020-07-01 21:25 ` [PATCH 3/8] Cygwin: Add a new win32_pstatus data type for modules " Jon Turney
2020-07-01 21:25 ` [PATCH 4/8] Cygwin: Make dumper scan more than first 4GB of VM " Jon Turney
2020-07-01 21:25 ` [PATCH 5/8] Cygwin: Fix bfd target for parsing PE files on x86_64 in dumper Jon Turney
2020-07-01 21:25 ` [PATCH 6/8] Cygwin: Fix dumper region order/overlap checking Jon Turney
2020-07-01 21:25 ` [PATCH 7/8] Cygwin: Handle excluded regions more robustly in dumper Jon Turney
2020-07-01 21:25 ` [PATCH 8/8] Cygwin: Consider DLL rebasing when computing dumper exclusions Jon Turney
2020-07-02 7:43 ` Corinna Vinschen
2020-07-02 7:48 ` Corinna Vinschen
2020-07-03 13:10 ` Jon Turney
2020-07-03 19:34 ` Corinna Vinschen
2020-07-01 21:29 ` [PATCH 0/8] Fix dumper for x86_64 Jon Turney
2020-07-02 7:44 ` Corinna Vinschen
2020-07-05 16:49 ` Jon Turney
2020-07-06 8:12 ` Corinna Vinschen [this message]
2020-07-06 13:34 ` Jon Turney
2020-07-06 18:10 ` Corinna Vinschen
2020-07-12 14:47 ` Jon Turney
2020-07-02 7:47 ` Corinna Vinschen
2020-07-05 16:45 ` [PATCH 9/8] Add all memory regions details to dumper debug output Jon Turney
2020-07-05 16:45 ` [PATCH 10/8] Remove PE reading for section flags from dumper Jon Turney
2020-07-05 16:45 ` [PATCH 11/8] Drop excluded regions list " Jon Turney
2020-07-05 16:45 ` [PATCH 12/8] Don't dump non-writable image regions Jon Turney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200706081200.GA514059@calimero.vinschen.de \
--to=corinna-cygwin@cygwin.com \
--cc=cygwin-patches@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).