This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
Re: [PATCH] Kprobes- robust fault handling for i386
- From: Jim Keniston <jkenisto at us dot ibm dot com>
- To: prasanna at in dot ibm dot com
- Cc: SystemTAP <systemtap at sources dot redhat dot com>
- Date: 23 Feb 2006 17:32:24 -0800
- Subject: Re: [PATCH] Kprobes- robust fault handling for i386
- References: <20060222071307.GA31873@in.ibm.com>
On Tue, 2006-02-21 at 23:13, Prasanna S Panchamukhi wrote:
> Hi,
>
> Below is the prototype for robust fault handling; as of now
> this patch is for the i386 architecture and should be easily
> ported to other architectures. Your comments and suggestions
> are welcome. This patch has been tested for page faults that
> occur while accessing user address space data. Support needs
> to be added for cases such as divide by zero, NULL pointer
> dereference, etc. Also, as of now we increment the nmissed
> count; instead we can track such instances by having
> independent counters such as nprefault, npostfault.
>
> Thanks
> Prasanna
...
> /*
> + * Kprobe pre handler trampoline saves the function return address and
> + * calls the registered user pre handler. In case if the user
> + * specified pre handler causes any page faults, the
> + * kprobe_fault_handler() gets notified and it just returns directly
> + * to kprobe_handler(), where trampoline was suppose to return.
> + */
> +static int __kprobes kprobe_pre_handler_trampoline(struct kprobe *p,
> + struct pt_regs *regs, struct kprobe_ctlblk *kcb)
> +{
> + kcb->handler_retaddr = (unsigned long)__builtin_return_address(0);
> + return (p->pre_handler(p, regs));
> +}
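Review bot: saving only __builtin_return_address(0) in kcb->handler_retaddr is not enough for the recovery path this hunk's comment describes. When kprobe_fault_handler() returns "directly to kprobe_handler()", it skips this function's epilogue, so the stack pointer and the callee-saved registers (ebp, ebx, esi, edi) are left exactly as the faulting pre handler left them, and eax, which kprobe_handler() reads as the pre handler's return value, holds whatever the fault path happens to leave there. Suggest recording the stack pointer and callee-saved registers next to handler_retaddr in the ctlblk at trampoline entry, restoring them on the fault path, and having that path set a defined return value before jumping back. Minor: in the comment, "where trampoline was suppose to return" should read "where the trampoline was supposed to return".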
If/when you pick this back up, you need to consider saving and restoring
non-scratch registers. In particular, the handler may save and
subsequently modify ebp, ebx, esi, and edi, and then fault. The caller
of kprobe_pre_handler_trampoline() will expect that these registers have
been restored to their original values when control returns from
kprobe_pre_handler_trampoline() (or the fault-handling code).
Jim
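To make the register-state point concrete, below is a userspace model of the same "run a handler, and if it faults, return to the caller" idea. It is an added example written for this archive page, not code from Prasanna's patch or from the kprobes tree, and the names (run_guarded, guard_install, guard_faults, the cb_* callbacks) are invented for the demonstration. The kernel has no setjmp, so the patch has to do this by hand, but sigsetjmp()/siglongjmp() capture exactly the state the reply above says the trampoline must preserve: the stack pointer and the callee-saved registers, not just a return address. A SIGSEGV handler plays the role of kprobe_fault_handler(), and a fault counter plays the role of the nmissed/nprefault count.

```c
/* Userspace model of "robust fault handling" for a handler callback:
 * the caller captures its full register state with sigsetjmp() before
 * invoking the callback; a fault inside the callback is unwound with
 * siglongjmp(), so the caller sees a clean -1 instead of dying.
 * Added example (assumed names), not code from the kprobes patch. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef int (*guarded_fn)(void *arg);

/* State captured by the caller.  sigsetjmp() records the stack pointer
 * and the callee-saved registers, which a bare return address does not. */
static sigjmp_buf guard_env;
static volatile sig_atomic_t guard_active;

/* Number of faults recovered from, analogous to nmissed / nprefault. */
static volatile sig_atomic_t guard_faults;

/* Stand-in for kprobe_fault_handler(): if a guarded callback is running,
 * unwind to the guard; otherwise let the process die as it normally would. */
static void guard_sigsegv(int sig)
{
    (void)sig;
    if (guard_active) {
        guard_faults++;
        siglongjmp(guard_env, 1);   /* also restores the signal mask */
    }
    signal(SIGSEGV, SIG_DFL);
    raise(SIGSEGV);
}

/* Install the SIGSEGV handler; returns 0 on success, -1 on error. */
static int guard_install(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = guard_sigsegv;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

/* Call fn(arg).  Returns fn's result, or -1 with *out_faulted = 1 if fn
 * faulted.  On the fault path the caller's locals are intact because
 * siglongjmp() restored sp and the callee-saved registers. */
static int run_guarded(guarded_fn fn, void *arg, int *out_faulted)
{
    int rc;
    *out_faulted = 0;
    if (sigsetjmp(guard_env, 1) != 0) {
        guard_active = 0;           /* arrived here from guard_sigsegv */
        *out_faulted = 1;
        return -1;
    }
    guard_active = 1;
    rc = fn(arg);
    guard_active = 0;
    return rc;
}

/* Constructed callbacks: one well-behaved, one that dereferences NULL. */
static int cb_ok(void *arg) { return *(int *)arg + 1; }
static int cb_faults(void *arg)
{
    volatile int *bad = (volatile int *)arg;   /* arg is NULL by design */
    return *bad;
}

/* Runs both callbacks and checks the caller's view of each; returns 0 if
 * every expectation holds, otherwise the number of the failed check. */
static int guard_selftest(void)
{
    int faulted = 0, v = 41, rc;
    if (guard_install() != 0) return 1;
    rc = run_guarded(cb_ok, &v, &faulted);
    if (rc != 42 || faulted != 0) return 2;
    rc = run_guarded(cb_faults, NULL, &faulted);
    if (rc != -1 || faulted != 1) return 3;
    if (v != 41) return 4;          /* caller's state survived the fault */
    return 0;
}

int main(void)
{
    int result = guard_selftest();
    printf("selftest %s, faults recovered: %d\n",
           result == 0 ? "passed" : "FAILED", (int)guard_faults);
    return result;
}
```

The interesting line is the sigsetjmp() in run_guarded(): it is the userspace equivalent of what the reply asks the trampoline to do, because it snapshots the caller's stack pointer and callee-saved registers at the point the callback is entered, so the unwind lands the caller back in a state it recognises regardless of what the callback did to ebp, ebx, esi, or edi before faulting.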