On Tue, May 27, 2014 at 04:16:24PM -0400, erik quanstrom wrote:
> > you can see there is a JMP over _tracein and a RET before _traceout.
> > what gives?
>
> ah, that's the magic! the idea is to be able to enable and disable these
> tracepoints at runtime in a multiprocessor environment without any locking.
>
> - erik

ok. i'm beginning to understand better. is there a specific use case,
such as the kernel or userland?
i didn't see anything like a tool that could poke nops into the right
places. i started to write an acid function to put the nops in one
named function, and then i realized that the ret can appear several
times in one function and i would need to search for and patch them
out. but only the *first* ret, not second, e.g.:

    setvar+0x3a 0x0000adf5 RET                <--- should be NOP
    setvar+0x3b 0x0000adf6 CALL _traceout(SB)
    setvar+0x40 0x0000adfb RET                <--- should not be NOP

i was able to patch the JMP, and the RET but only in the case where it
appears at the bottom of a function.

    defn traceon(fn){
        bound = fnbound(fn);
        // nop first jmp
        *(bound[0]) = 0x90\b;
        *(bound[0]+1) = 0x90\b;
        // and the ret
        // XXX should search for ret
        *(bound[1]-7) = 0x90\b;
    }

maybe these were not the droids i was looking for.
my real goal is to make timing statistics for function calls in a program.
perhaps this goal is better fulfilled simply by prof!
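An added example, not part of the original message and not Plan 9 or acid code: a Python sketch of the search the message leaves as "XXX should search for ret", which selects only a RET that is immediately followed by a CALL to _traceout and leaves every other RET alone. It assumes x86 encodings that match the listing's offsets (one-byte RET 0xC3, five-byte CALL rel32 0xE8); the function bytes and the _traceout address are constructed sample data, and the helper names are hypothetical.

```python
import struct

RET, CALL_REL32, NOP = 0xC3, 0xE8, 0x90

BASE = 0xADBB      # setvar, derived from the listing: setvar+0x3a = 0xadf5
TRACEOUT = 0xB200  # constructed address standing in for _traceout


def find_traceout_rets(code, base, traceout):
    """Addresses of each RET directly followed by CALL rel32 to traceout."""
    hits = []
    for off in range(len(code) - 5):
        if code[off] != RET or code[off + 1] != CALL_REL32:
            continue
        (rel,) = struct.unpack_from("<i", code, off + 2)
        # rel32 is relative to the address just past the 5-byte CALL
        target = (base + off + 1 + 5 + rel) & 0xFFFFFFFF
        if target == traceout:
            hits.append(base + off)
    return hits


def enable_traceout(code, base, traceout):
    """Return a copy of code with only the tracepoint RETs turned into NOPs."""
    patched = bytearray(code)
    for addr in find_traceout_rets(code, base, traceout):
        patched[addr - base] = NOP
    return bytes(patched)


def sample_function():
    """Constructed 0x41-byte body laid out like the setvar listing."""
    body = bytearray(0x41)
    body[0:2] = b"\xEB\x05"   # JMP over _tracein
    body[0x20] = RET          # ordinary early return, must stay a RET
    body[0x3A] = RET          # RET guarding the _traceout call
    body[0x3B] = CALL_REL32
    body[0x3C:0x40] = struct.pack("<i", TRACEOUT - (BASE + 0x40))
    body[0x40] = RET          # final RET after _traceout, must stay
    return bytes(body)


if __name__ == "__main__":
    code = sample_function()
    for addr in find_traceout_rets(code, BASE, TRACEOUT):
        print(f"patch RET at {addr:#010x}")
```

This scans raw bytes rather than decoded instructions, so the CALL target check is what keeps a stray 0xC3 0xE8 pair inside another instruction's operand from being patched.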
