c linux gdb glibc

gdb "watch" cannot catch a variable modified by the glibc read() function?


I want to break when ch is modified. I used watch ch in gdb, but it does not work.

Something like ch=1; will break. Why does read() not?

Is it right to use the watch command like this? Or is the read() function special?

Sorry for my English; the code says everything.

file 1.c:

#include <unistd.h> 
#include <sys/types.h> 
#include <sys/stat.h> 
#include <fcntl.h> 
#include <stdio.h> 
const char *const filename = "/etc/passwd"; 
int main(void) 
{ 
     int fd; 
     int ch; 
     fd = open(filename, O_RDONLY); 
     read(fd, &ch, sizeof(int));  
     printf ("%d\n", ch); 
     close (fd); 
     return 0; 
}

gcc -g 1.c

debugging:

$ gdb a.out  
 GNU gdb (GDB) 7.4.1-debian 
 Copyright (C) 2012 Free Software Foundation, Inc. 
 License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> 
 This is free software: you are free to change and redistribute it. 
 There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
 and "show warranty" for details. 
 This GDB was configured as "i486-linux-gnu". 
 For bug reporting instructions, please see: 
 <http://www.gnu.org/software/gdb/bugs/>... 
 Reading symbols from /home/zodiac1111/tmp/a.out...done. 
 (gdb) b main 
 Breakpoint 1 at 0x80484b5: file 1.c, line 11. 
 (gdb) r 
 Starting program: /home/zodiac1111/tmp/a.out  

 Breakpoint 1, main () at 1.c:11 
 11        fd = open(filename, O_RDONLY); 
 (gdb) watch ch 
 Hardware watchpoint 2: ch 
 (gdb) c 
 Continuing. 
 1953460082 

 Watchpoint 2 deleted because the program has left the block in
 which its expression is valid. 
 __libc_start_main (main=0x80484ac <main>, argc=1, ubp_av=0xbffff4c4,  
     init=0x8048530 <__libc_csu_init>, fini=0x8048520 <__libc_csu_fini>,  
     rtld_fini=0xb7ff0590, stack_end=0xbffff4bc) at libc-start.c:260 
 260    libc-start.c: No such dir...
 (gdb) c 
 Continuing. 
 [Inferior 1 (process 9513) exited normally]

Solution

  • For a normal implementation of read(), the write to the memory will be performed directly by the kernel, not by any userspace code. The debugger does not have the mechanisms to put a breakpoint in the kernel, and even if it did, it wouldn't have permission to do so.
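
Added example (not part of the original question or answer): one way to make the update visible to a watchpoint is to let the kernel fill a scratch buffer and then copy into the watched object from user space. The names read_via_bounce and demo are hypothetical, and the input is a constructed value sent through a pipe so the program runs without /etc/passwd.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (assumption, not from the page): the kernel's
 * copy-out for read() lands in `bounce`; the store into `dst` is then an
 * ordinary user-mode write, the kind of write that `ch = 1;` in the
 * question performs and that the watchpoint did report. */
static ssize_t read_via_bounce(int fd, void *dst, size_t len)
{
    unsigned char bounce[256];
    size_t done = 0;

    while (done < len) {
        size_t want = len - done;
        if (want > sizeof bounce)
            want = sizeof bounce;
        ssize_t n = read(fd, bounce, want);
        if (n < 0) {
            if (errno == EINTR)
                continue;          /* interrupted: retry the read */
            return -1;
        }
        if (n == 0)
            break;                 /* EOF: return the short count */
        memcpy((unsigned char *)dst + done, bounce, (size_t)n);
        done += (size_t)n;
    }
    return (ssize_t)done;
}

/* Same shape as 1.c, reading a constructed int from a pipe. */
static int demo(int *out)
{
    int fds[2];
    const int sample = 0x74736574;     /* constructed sample value */

    if (pipe(fds) != 0)
        return -1;
    if (write(fds[1], &sample, sizeof sample) != (ssize_t)sizeof sample)
        return -1;
    close(fds[1]);
    int ch = 0;                        /* in gdb: watch ch */
    ssize_t n = read_via_bounce(fds[0], &ch, sizeof ch);
    close(fds[0]);
    *out = ch;
    return (int)n;
}

int main(void)
{
    int ch = 0;
    if (demo(&ch) != (int)sizeof ch)
        return 1;
    printf("%d\n", ch);
    return 0;
}
```

If the program cannot be changed, gdb's catch syscall read stops at entry to and return from the system call, so ch can be inspected once the call has returned.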