| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 01 Apr 2011 19:44:36 +0900
From: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Lin Ming <ming.m.lin@...el.com>,
Arnaldo Carvalho de Melo <acme@...radead.org>,
Frederic Weisbecker <fweisbec@...il.com>,
LKML <linux-kernel@...r.kernel.org>,
"2nddept-manager@....hitachi.co.jp"
<2nddept-manager@....hitachi.co.jp>
Subject: Re: [RFC PATCH] perf report: add sort by file lines
(2011/04/01 1:28), Peter Zijlstra wrote:
> On Thu, 2011-03-31 at 22:34 +0800, Lin Ming wrote:
>> I'm afraid that fwd scan may not work, because of branch instruction.
>>
>> void foo(struct foo *foo, struct tmp *tmp, int flag)
>> {
>> if (flag)
>> foo->bar->fubar = tmp->blah;
>> else
>> tmp->blah = foo->bar->fubar;
>> }
>>
>> ===>
>>
>> void foo(struct foo *foo, struct tmp *tmp, int flag)
>> {
>> 400494: 55 push %rbp
>> 400495: 48 89 e5 mov %rsp,%rbp
>> 400498: 48 89 7d f8 mov %rdi,-0x8(%rbp)
>> 40049c: 48 89 75 f0 mov %rsi,-0x10(%rbp)
>> 4004a0: 89 55 ec mov %edx,-0x14(%rbp)
>> if (flag)
>> 4004a3: 83 7d ec 00 cmpl $0x0,-0x14(%rbp)
>> 4004a7: 74 14 je 4004bd <foo+0x29>
>> foo->bar->fubar = tmp->blah;
>> 4004a9: 48 8b 45 f8 mov -0x8(%rbp),%rax
>> 4004ad: 48 8b 40 18 mov 0x18(%rax),%rax
>> 4004b1: 48 8b 55 f0 mov -0x10(%rbp),%rdx
>> 4004b5: 8b 52 20 mov 0x20(%rdx),%edx
>> 4004b8: 89 50 14 mov %edx,0x14(%rax)
>> 4004bb: eb 12 jmp 4004cf <foo+0x3b>
>> else
>> tmp->blah = foo->bar->fubar;
>> 4004bd: 48 8b 45 f8 mov -0x8(%rbp),%rax
>> 4004c1: 48 8b 40 18 mov 0x18(%rax),%rax
>> 4004c5: 8b 50 14 mov 0x14(%rax),%edx
>> 4004c8: 48 8b 45 f0 mov -0x10(%rbp),%rax
>> 4004cc: 89 50 20 mov %edx,0x20(%rax)
>> }
>> 4004cf: c9 leaveq
>> 4004d0: c3 retq
>>
>> Assume we are at ip 4004c5, the fwd scan from the beginning of
>> function(400494) to 4004c5 will not get what we want about %rax.
>
> Conversely backwards scans can get confused if there's more places to
> come from (intercal ftw!).
>
> That said, your example above should not get confused about %rax if it
> knows about the jumps, simply clone your context on any jump instruction
> and follow both branches. That would then give you:
>
> 400494 -> 4004a7 -> 4004bb -> 4004cf
> -> 4004bd
Hm, I think that is the easiest case (like as kprobes does in the kernel)
E.g. an indirect jump makes it hard to find where it jumps to.
> You could even first build the basic block tree and only follow those
> branches that end up covering the region IP is in.
Ah, that's reasonable :)
Thank you,
--
Masami HIRAMATSU
Software Platform Research Dept. Linux Technology Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@...achi.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists