Re: Panic writing kernel memory?
Hey Brian,

On Jan 24, 2008, at 1:39 PM, Brian Doyle wrote:

> Answered my own question. Hooray for having the source to the O/S.
>
> Turns out moving bar to an IOBufferMemoryDescriptor::inTaskWithPhysicalMask() and using bcopy_phys() gets the job done.
>
> ps. - I still understand "why I shouldn't do this" but I have yet to come up with a better approach that doesn't require polling.
>
> -b

Yeah, your approach is totally unsupported and is highly likely to break in the future. I hope this is for your own experimentation and not a commercial product.

So what do you want to do when the boot device changes? Seems we should address the question from that angle in case it can lead to a hack-free solution.

--gc

> On Jan 24, 2008, at 1:09 AM, Brian Doyle wrote:
>
>> Hello,
>>
>> I've written a kext which, quite simply, does this:
>>
>>     typedef void (*CFunctionPointer)(void);
>>
>>     CFunctionPointer *foo = <some location containing a function pointer>;
>>     CFunctionPointer bar = <&some function>;
>>     CFunctionPointer baz;
>>
>>     baz = *foo; // read ok
>>     *foo = bar; // write panic
>>
>> The panic log states "Memory access exception (1,0,0)".
>>
>> I'm guessing the memory I'm trying to write to has VM_PROT_WRITE disabled, but I'm not sure how to verify that (vm_region() on the address foo causes a different panic, namely a null-pointer dereference crash down in vm_map_lookup_entry()).
>>
>> I've noticed that when I'm two-machine debugging with gdb I can set the value *foo directly from the gdb command line with no problem. This is all well-and-good, but I need to be able to replace this function pointer from my kext.
>>
>> I gave vm_protect() a try but that crashed too, in the same place as vm_region().
>>
>> Can anyone help? I would certainly appreciate it!
>>
>> Thanks,
>> Brian

____________________________________________________________________
Garth Cummings gcummings@apple.com
Sr. Software Engineer
Apple Developer Technical Support
<http://developer.apple.com/technicalsupport>

Darwin-kernel mailing list (Darwin-kernel@lists.apple.com)
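The symptom in the first message (the read succeeds, the write faults, and the poster guesses the page lacks write permission) can be reproduced safely in user space with a function-pointer table that has been sealed read-only. This is an added example, not code from the thread: it uses POSIX `mmap`/`mprotect` instead of the kernel VM calls, and `original_fn`, `replacement_fn`, `make_sealed_table` and `try_store` are hypothetical names.

```c
#define _DEFAULT_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <sys/mman.h>
#include <unistd.h>

typedef void (*CFunctionPointer)(void);   /* typedef from the post */

static void original_fn(void) {}          /* hypothetical handlers */
static void replacement_fn(void) {}
static sigjmp_buf fault_env;

static void on_fault(int sig) { (void)sig; siglongjmp(fault_env, 1); }

/* Allocate a one-page table, fill slot 0, then seal the page read-only. */
static CFunctionPointer *make_sealed_table(void) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    CFunctionPointer *t = mmap(NULL, len, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (t == MAP_FAILED) return NULL;
    t[0] = original_fn;
    if (mprotect(t, len, PROT_READ) != 0) { munmap(t, len); return NULL; }
    return t;
}

/* Attempt *slot = value. Returns 1 if the store landed, 0 if it faulted. */
static int try_store(CFunctionPointer *slot, CFunctionPointer value) {
    struct sigaction sa, old_segv, old_bus;
    volatile int stored = 0;
    sa.sa_handler = on_fault;
    sa.sa_flags = 0;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);   /* usual signal for a protection fault */
    sigaction(SIGBUS, &sa, &old_bus);     /* some systems deliver SIGBUS instead */
    if (sigsetjmp(fault_env, 1) == 0) {
        *(CFunctionPointer volatile *)slot = value;
        stored = 1;
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return stored;
}

int main(void) {
    CFunctionPointer *foo = make_sealed_table();
    if (foo == NULL) return 2;
    CFunctionPointer baz = *foo;                    /* read ok */
    int stored = try_store(foo, replacement_fn);    /* write faults */
    return (baz == original_fn && !stored && *foo == original_fn) ? 0 : 1;
}
```

In a process the fault arrives as a catchable signal and the sealed slot keeps its original value; in the kernel the same protection fault has no such handler, which is why the poster sees a panic.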