0

I want to debug a process with gdb into Linux system, but the problem is that process pings /dev/watchdog so when I tried to debug it, it stop the process for longer than the watchdog interval so the system is rebooting.

One solution is to patch the binary so it will not use /dev/watchdog and than reboot the system so the "new" binary will run.

But sometime I can't do this solution because I don't want to reboot the system. And I don't control on system's startup script(that activate the watchdog)

Is there another solution?

Improve this question
5
  • The question is if you're in control of starting said process. Also you don't mention if this is Linux. If you are and if it is, what I'd be doing first of all would be to see which libc function is used to open /dev/watchdog. Suppose it's open for a second. In this case you could overwrite it and open your own "whatever" (return some magic number) and overwrite read/write as appropriate. The - by far - simplest solution would be to use LD_PRELOAD and provide your own mock versions of those functions. Depends...
    – 0xC0000022L
    Commented May 18, 2020 at 19:28
  • @0xC0000022L You are referring to system calls hooking, is that correct?
    – Abdullah Mohamed
    Commented Apr 14, 2021 at 9:49
  • Nope, I don't know how you'd do that from userland or if that's even possible on Linux. LD_PRELOAD (ab)uses the fact that symbols defined by a shared object take precedence by load order. And therefore if you preload a particular custom shared object you can hook functions used by a binary or (other) shared object.
    – 0xC0000022L
    Commented Apr 14, 2021 at 13:58
  • @0xC0000022L see my edit. That Linux,and I don't control on system startup script.
    – yfr24493AzzrggAcom
    Commented Apr 15, 2021 at 5:58
  • Still too little information then, sorry. You seem to be willing to only give information piecemeal, but for a comprehensive answer you have to give comprehensive information. For example on a modern system you could use bubblewrap or similar to effectively deny your application to be debugged the ability to reboot, so even though /dev/watchdog would be an issue it won't inside a namespace or without the capability to reboot the system. Either way, if you don't control the startup script (of what ... /etc/rc?) what do you control?
    – 0xC0000022L
    Commented Apr 15, 2021 at 13:46

1 Answer 1

Reset to default
1

Assuming you are using Linux and a loadable watchdog module (like ipmi_watchdog), you could try to modify the value of the corresponding module's action parameter, like using none instead of reset.

Then the watchdog will fire, but nothing will happen (except an event log message in the BMC, maybe).

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.