Browse Prior Art Database

Just-in-time Return Point interception

IP.com Disclosure Number: IPCOM000126493D
Original Publication Date: 2005-Jul-21
Included in the Prior Art Database: 2005-Jul-21
Document File: 2 page(s) / 43K

Publishing Venue

IBM

Abstract

A method for intercepting function return-points, which caters for: a) dynamic modification of the return-point during the execution of the called function; b) simultaneous multi-level returns executed a function termination;

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 43% of the total text.

Page 1 of 2

Just-in-time Return Point interception

The problem to be solved one of intercepting the return from a function call in an automated way, for the purposes of dynamic tracing and dynamic probing. Function entry-points can be readily determined, because by their very nature, their memory location must be known. For debugging purposes, it is desirable to be able to record to even intercept the return from a function. However the point of return (return-point) need not be, and is usually not externalised. Furthermore there may be multiple locations from which a return is made. Determination of the associated returns points is problematical. It is this problem that is addressed here.

    The usual method employed for addressing this problem is a form of code reverse engineering or disassembling. However, this technique is unreliable when applied to the general case, since assumes expected code sequences associated with function returns that can be readily located by scanning the object code of a module.

    This disclosure approaches the problem from the perspective of the processor executing code at run-time. An executing function will necessarily return to the calling function by means of machine instructions that effect such a return. Such instruction much "be aware" of the address in the calling function to which the must return control of execution. Because of the multitasking nature of modern processor architectures function call and return has to implement a parameterised form of return. In other words return cannot in general be hard-coded. Knowledge of the return point is therefore made know to the called function when control is passed. We used this "knowledge" to intercept to point of return to the calling function. This is done on entry to the called function.

    This disclosure uses of the return-point - the address of which has to be known on entry to the called function. Depending upon architecture this may be stored on stack or in a register or even be located within a conventionally agreed inter-functional communications area. Crucial to this disclosure is the need to correlate function entry with return. This is achieved though the use of the processor's debugging hardware. (Most modern processors provides a mechanism for implementing so-called watchpoints - a type or breakpoint which is declared through the use of watchpoint registers. In general, more than one watchpoint register is provided.) By using a watchpoint to intercept the function return we are able to generate an interrupt for the thread executing the function of interest. Other methods of interception are less advantageous since these involve replacing instructions at the return-point with an interrupting instruction. By doing do, we may generate spurious interrupts on other processors in a multi-processor environment. Furthermore, the memory location at which the interrupting instruction would have been stored would need to be loaded and modifiable, which is not ne...