This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
15 ÐÐÑÐÑÐÑ 2006 Ð 14:43 -0400 Satoshi Oshima ÐÐÐÐÑÐÐ(-ÐÐ):
> (1)finding the safe place to put probes
>
> Imagine certain binary line which is constructed by 2 byte instruction,
> 2byte instruction and 3byte instruction, like below
>
> IA
> |
> [-2][-1][0][1][2][3][4][5][6][7]
> [ins1][ins2][ ins3 ]
> [<- DCR ->]
> [<- JTPR ->]
>
> ins1: 1st Instruction
> ins2: 2nd Instruction
> ins3: 3rd Instruction
> IA: Insertion Address
> JTPR: Jump Target Prohibition Region
> DCR: Detoured Code Region
>
> If we try to put a probe onto IA, we copy all instruction in DCR to
> the buffer that is in executable pages and replace 5 byte in DCR
> with relative jmp instruction. The problem (1) is the case that
> some other part of the kernel might try to jump or call into JTPR.
>
> Yes, this is scary. But basically, we have to look into all jmp,
> call, etc..instructions in the same function. I believe that
> there is no possibilities that someone jump into the middle of the
> function from other functions. The exception is assembler code.
I think this can happen with C code too. If we have code like this:
fun1(...) {
...
return fun3(0, ...);
}
fun2(...) {
return fun3(1, ...);
}
fun3(arg1, ...) {
if (arg1) {
....
else {
....
}
}
I do not know how gcc really works, but I think it can optimize code in
such way that fun1 and fun2 will jump to the middle of fun3.
--
Eugeniy Meshcheryakov
Attachment:
signature.asc
Description: Digital signature
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |