On Jan 24, 2008, at 1:09 AM, Brian Doyle wrote:

> I've written a kext which, quite simply, does this:
>
>     typedef void (*CFunctionPointer)(void);
>
>     CFunctionPointer *foo = <some location containing a function pointer>;
>     CFunctionPointer bar = <&some function>;
>     CFunctionPointer baz;
>
>     baz = *foo; // read ok
>     *foo = bar; // write panic
>
> The panic log states "Memory access exception (1,0,0)".
>
> I'm guessing the memory I'm trying to write to has VM_PROT_WRITE disabled, but I'm not sure how to verify that (vm_region() on the address foo causes a different panic, namely a null-pointer dereference crash down in vm_map_lookup_entry()).
>
> I've noticed that when I'm two-machine debugging with gdb I can set the value *foo directly from the gdb command line with no problem. This is all well-and-good, but I need to be able to replace this function pointer from my kext.
>
> I gave vm_protect() a try but that crashed too, in the same place as vm_region().
>
> Can anyone help? I would certainly appreciate it!

If it's your function pointer, you should be able to manipulate it just fine. If it's not your function pointer, you should leave it alone. The way you wrote the above, it appears likely that you are trying to patch some part of the kernel.

Don't do that.

 = Mike

Darwin-kernel mailing list (Darwin-kernel@lists.apple.com)