5
edits
Changes
→2014-09-19
* Start writing doc about the operating systems and how they work.
* Linux and Windows: investigate if inter-region searches are needed.
===== About memory protection on OS X: =====
We were getting some errors while trying to read memory with mach_vm_read because of memory protection in very simple test processes.
The errors were because we tried to read regions of the memory that were used as stack guards and preallocated ones for malloc bookkeeping, which don't have read, write nor execute access. Other processes have even more regions like this (webkit, for example, has a second version of malloc regions, and something similar for it's JS JIT'ed code).
Debuggers change protections (if needed) before reading a region and then restore the original one. This is safe while the process is paused, but if not, a race condition may make you restore an old protection and the process may crash.
Possible solutions:
* Don't read non-readable regions. CONS: It'd be trivial to avoid MIG's memory scanner if we do this.
* Pause while accessing non-readable regions. In general this regions are just a small percentage of the entire address-space.
* Don't pause the process and pray it doesn't crash.
=== 2014-09-12 ===
