This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
On 15 … 2006 at 14:43 -0400, Satoshi Oshima wrote:
> (1) finding the safe place to put probes
>
> Imagine a certain binary line which is constructed from a 2-byte instruction,
> a 2-byte instruction and a 3-byte instruction, like below
>
>         IA
>         |
> [-2][-1][0][1][2][3][4][5][6][7]
>         [ins1][ins2][ ins3  ]
>         [<-      DCR      ->]
>            [<- JTPR ->]
>
> ins1: 1st Instruction
> ins2: 2nd Instruction
> ins3: 3rd Instruction
> IA: Insertion Address
> JTPR: Jump Target Prohibition Region
> DCR: Detoured Code Region
>
> If we try to put a probe onto IA, we copy all instructions in DCR to
> the buffer that is in executable pages and replace 5 bytes in DCR
> with a relative jmp instruction. The problem (1) is the case that
> some other part of the kernel might try to jump or call into JTPR.
>
> Yes, this is scary. But basically, we have to look into all jmp,
> call, etc. instructions in the same function. I believe that
> there is no possibility that someone jumps into the middle of the
> function from other functions. The exception is assembler code.

I think this can happen with C code too. If we have code like this:

fun1(...)
{
	...
	return fun3(0, ...);
}

fun2(...)
{
	return fun3(1, ...);
}

fun3(arg1, ...)
{
	if (arg1) {
		....
	} else {
		....
	}
}

I do not know how gcc really works, but I think it can optimize code in
such a way that fun1 and fun2 will jump to the middle of fun3.

--
Eugeniy Meshcheryakov
Attachment:
signature.asc
Description: Digital signature
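
The check discussed in this message, written out as an added example (not code from the thread or from systemtap): it computes the DCR length for an insertion address and rejects the address when any known branch target lands in the JTPR. All names are hypothetical, and the caller is assumed to have already collected every jmp/call destination that can reach the function, including jumps from other functions, the case raised in the reply.

```c
#include <stddef.h>
#include <stdio.h>

#define JMP_LEN 5   /* size of the relative jmp written at IA, per the message */

/* Constructed sample input: the 2-, 2- and 3-byte instructions of the diagram. */
static const unsigned char sample_lens[] = { 2, 2, 3 };
static const long into_ins2[] = { -2, 2 };  /* a branch to the start of ins2 */
static const long outside[]   = { 0, 7 };   /* targets at IA and past the DCR */

/* Detoured Code Region length: whole instructions starting at IA that
 * together cover at least JMP_LEN bytes. insn_len[] holds the lengths of
 * the instructions from IA onward. Returns 0 if the function ends first. */
size_t dcr_len(const unsigned char *insn_len, size_t n)
{
    size_t total = 0;
    for (size_t i = 0; i < n; i++) {
        total += insn_len[i];
        if (total >= JMP_LEN)
            return total;
    }
    return 0;
}

/* Returns 1 if the jmp fits and no target falls in the JTPR, i.e. the
 * bytes ia+1 .. ia+JMP_LEN-1 that the jmp overwrites; 0 otherwise.
 * A target equal to ia is fine: it simply executes the new jmp. */
int ia_is_safe(long ia, const unsigned char *insn_len, size_t n_insn,
               const long *targets, size_t n_targets)
{
    if (dcr_len(insn_len, n_insn) == 0)
        return 0;                   /* not enough bytes to hold the jmp */
    for (size_t i = 0; i < n_targets; i++)
        if (targets[i] > ia && targets[i] < ia + JMP_LEN)
            return 0;               /* target inside the overwritten bytes */
    return 1;
}

int main(void)
{
    printf("DCR length: %zu\n", dcr_len(sample_lens, 3));
    printf("target at +2: %s\n",
           ia_is_safe(0, sample_lens, 3, into_ins2, 2) ? "safe" : "unsafe");
    printf("targets at 0 and +7: %s\n",
           ia_is_safe(0, sample_lens, 3, outside, 2) ? "safe" : "unsafe");
    return 0;
}
```

The result is only as good as the target list: a jump emitted from another function and missing from `targets` is exactly the failure the reply describes.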