<tt>crash-utility-bounces@redhat.com wrote on 27/09/2007 17:13:45: > Richard J Moore wrote: > > > > crash-utility-bounces@redhat.com wrote on 27/09/2007 15:45:21: > > > > > Richard J Moore wrote: > > > > > > > On looking at the code in entry.S at page_fault and the other > > exception > > > > entry points I see no attempt to save regs to create a pt_regs struct. > > > > The fact that do_page_fault takes pt_regs as the first arg is a > > hack to > > > > get at CS:EIP and SS:ESP at the time of exception. > > > > > > KPROBE_ENTRY(page_fault) > > > RING0_EC_FRAME > > > pushl $do_page_fault > > > CFI_ADJUST_CFA_OFFSET 4 > > > ALIGN > > > error_code: > > > /* the function address is in %fs's slot on the stack */ > > > pushl %es > > > CFI_ADJUST_CFA_OFFSET 4 > > > /*CFI_REL_OFFSET es, 0*/ > > > pushl %ds > > > CFI_ADJUST_CFA_OFFSET 4 > > > /*CFI_REL_OFFSET ds, 0*/ > > > pushl %eax > > > CFI_ADJUST_CFA_OFFSET 4 > > > CFI_REL_OFFSET eax, 0 > > > pushl %ebp > > > CFI_ADJUST_CFA_OFFSET 4 > > > CFI_REL_OFFSET ebp, 0 > > > pushl %edi > > > CFI_ADJUST_CFA_OFFSET 4 > > > CFI_REL_OFFSET edi, 0 > > > pushl %esi > > > CFI_ADJUST_CFA_OFFSET 4 > > > CFI_REL_OFFSET esi, 0 > > > pushl %edx > > > CFI_ADJUST_CFA_OFFSET 4 > > > CFI_REL_OFFSET edx, 0 > > > pushl %ecx > > > CFI_ADJUST_CFA_OFFSET 4 > > > CFI_REL_OFFSET ecx, 0 > > > pushl %ebx > > > CFI_ADJUST_CFA_OFFSET 4 > > > CFI_REL_OFFSET ebx, 0 > > > cld > > > pushl %fs > > > CFI_ADJUST_CFA_OFFSET 4 > > > /*CFI_REL_OFFSET fs, 0*/ > > > movl $(__KERNEL_PERCPU), %ecx > > > movl %ecx, %fs > > > UNWIND_ESPFIX_STACK > > > popl %ecx > > > CFI_ADJUST_CFA_OFFSET -4 > > > /*CFI_REGISTER es, ecx*/ > > > movl PT_FS(%esp), %edi # get the function address > > > movl PT_ORIG_EAX(%esp), %edx # get the error code > > > movl $-1, PT_ORIG_EAX(%esp) # no syscall to restart > > > mov %ecx, PT_FS(%esp) > > > /*CFI_REL_OFFSET fs, ES*/ > > > movl $(__USER_DS), %ecx > > > movl %ecx, %ds > > > movl %ecx, %es > > > movl %esp,%eax # pt_regs pointer > > > call *%edi > > > jmp ret_from_exception > > > CFI_ENDPROC > > > KPROBE_END(page_fault) > > > > > > > Dave, it looks like error_code: has been change relatively recently. My > > source starts: > > error_code: > > pushl %ds > > pushl %eax > > xorl %eax,%eax > > pushl %ebp > > > > and so on. Clearly not a valid pt_regs struct. > > The source I'm working with is from FC5. On your version of the kernel > > only the ERR, SS and ESP would be invalid. > > What tree is yours taken from? > > > > My example was from upstream 2.6.22-5. RHEL5 (2.6.18-based) > is slightly different, as the "error_code:" chunk is located > in the "divide_error" entry point, but like 2.6.22-5, all of > the other exceptions jmp to it. > > But even your code is creating the remainder of the pt_regs > after the essential registers laid down by the hardware > exception mechanism, by pushing the remaining registers, > "upwards" towards the beginning of the structure: > > struct pt_regs { > long ebx; > long ecx; > long edx; > long esi; > long edi; > long ebp; > long eax; > int xds; > int xes; > long orig_eax; > long eip; > int xcs; > long eflags; > long esp; > int xss; > }; > > Right? > > Dave > </tt> <tt>I don't think so. Am I misreading this:</tt> <tt>we take a page fault at ring 0. The cpu pushes eflags, cs, eip, error-code</tt> <tt>we enter the kernel at:</tt> <tt>ENTRY(page_fault)</tt> <tt> pushl $do_page_fault</tt> <tt> jmp error_code</tt> <tt>we have errror code in orig_eax</tt> <tt>error_code:</tt> <tt> pushl %ds</tt> <tt> pushl %eax</tt> <tt> xorl %eax, %eax</tt> <tt> pushl %ebp</tt> <tt> pushl %edi</tt> <tt> pushl %esi</tt> <tt> pushl %edx</tt> <tt> decl %eax # eax = -1</tt> <tt> pushl %ecx</tt> <tt> pushl %ebx</tt> <tt> cld</tt> <tt> pushl %es</tt> <tt> UNWIND_ESPFIX_STACK</tt> <tt> popl %ecx</tt> <tt> movl ES(%esp), %edi # get the function address</tt> <tt> movl ORIG_EAX(%esp), %edx # get the error code</tt> <tt> movl %eax, ORIG_EAX(%esp)</tt> <tt> movl %ecx, ES(%esp)</tt> <tt> movl $(__USER_DS), %ecx</tt> <tt> movl %ecx, %ds</tt> <tt> movl %ecx, %es</tt> <tt> movl %esp,%eax # pt_regs pointer</tt> <tt> call *%edi</tt> <tt> jmp ret_from_exception</tt> <tt>Aren't we sorting ds in the pt_regs.ES ? and therefore one register out?</tt> <tt>Maybe I'm missing something?</tt> <tt>Richard</tt> <tt> > > > -- > Crash-utility mailing list > Crash-utility@redhat.com > </tt><a href="https://www.redhat.com/mailman/listinfo/crash-utility"><tt>https://www.redhat.com/mailman/listinfo/crash-utility</tt></a><tt> </tt> <hr> Unless stated otherwise above: IBM United Kingdom Limited - Registered in England and Wales with number 741598. Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU