公开(公告)号：US06918110B2

公开(公告)日：2005-07-12

申请号：US09833248

申请日：2001-04-11

申请人： Robert Hundt ,  Vinodha Ramasamy ,  Eric Gouriou ,  David J. Babcock ,  Thomas C. Lofgren ,  Jose German Rivera ,  Umesh Krishnaswamy

发明人： Robert Hundt ,  Vinodha Ramasamy ,  Eric Gouriou ,  David J. Babcock ,  Thomas C. Lofgren ,  Jose German Rivera ,  Umesh Krishnaswamy

IPC分类号： G06F9/44 ,  G06F9/45 ,  G06F11/36

CPC分类号： G06F11/3612 ,  G06F11/3664

摘要： Method and apparatus for dynamic instrumentation of an executable application program. The application program includes a plurality of functions, each function having an entry point and an endpoint. When the application is executed, a shared memory segment is created for an instrumentation program and the application program. Upon initial invocation of the original functions in the application program, corresponding substitute functions are created in the shared memory segment, the substitute versions including instrumentation code. Thereafter, the substitute functions are executed in lieu of the original functions in the application program.

摘要翻译： 用于可执行应用程序的动态仪表的方法和装置。 应用程序包括多个功能，每个功能具有入口点和端点。 执行应用程序时，将为仪器程序和应用程序创建共享内存段。 在应用程序中初始调用原始函数后，在共享内存段中创建相应的替代函数，替代版本包括检测代码。 此后，替代功能代替应用程序中的原始功能。

公开(公告)号：US06957421B2

公开(公告)日：2005-10-18

申请号：US09771403

申请日：2001-01-26

申请人： Robert Hundt ,  Vinodha Ramasamy ,  Umesh Krishnaswamy ,  Eric Gouriou

发明人： Robert Hundt ,  Vinodha Ramasamy ,  Umesh Krishnaswamy ,  Eric Gouriou

IPC分类号： G06F11/36 ,  G06F9/44

CPC分类号： G06F11/3644

摘要： The present invention, in various embodiments, is directed to techniques for providing debugging capability for program code instrumentation. In one embodiment, an instrumentor inserts an instrumentation breakpoint at the beginning of a block of original code. When this breakpoint is reached during execution of the application program that includes the block of original code, the instrumenator, from the block of original code, generates a block of instrumented code. This block of instrumented code may include debugging breakpoints that are carried from the block of original code or are inserted into the block of instrumented code during debugging. After generating the instrumented code, the instrumentor executes the instrumented code until debugging breakpoints are reached that stop the program flow, thereby allowing a programmer to perform debugging functions at these debugging breakpoints.

摘要翻译： 在各种实施例中，本发明涉及用于提供用于程序代码检测的调试能力的技术。 在一个实施例中，工具在原始代码块的开头插入检测断点。 当在包括原始代码块的应用程序的执行期间达到该断点时，从原始代码块的主机产生一个检测代码块。 该程序化代码块可能包括调试断点，从原始代码块携带或在调试期间插入到检测代码块中。 生成仪器化代码后，仪器将执行检测代码，直到达到停止程序流程的断点，从而允许程序员在这些调试断点处执行调试功能。

公开(公告)号：US06898785B2

公开(公告)日：2005-05-24

申请号：US09930937

申请日：2001-08-16

申请人： Vinodha Ramasamy ,  Eric Gouriou ,  Robert Hundt

发明人： Vinodha Ramasamy ,  Eric Gouriou ,  Robert Hundt

IPC分类号： G06F9/40 ,  G06F11/34 ,  G06F11/36 ,  G06F9/44 ,  G06F11/00

CPC分类号： G06F11/3644 ,  G06F9/4484 ,  G06F11/3466 ,  G06F2201/865

摘要： Method and apparatus for handling calls from relocated instrumented functions to functions that expect a return pointer value in an original address space. In various embodiments of the invention, instrumented versions of selected functions of an executable program are generated and stored in a relocation address space. When a function is called by a function in the relocation address space, a return pointer register stores a first return-pointer value that is an address in the relocation address space. The address in the original address space that corresponds (logically) to the first return-pointer value is identified as an original return-pointer value. The first return-pointer value is associated with the original return-pointer value, references to the original return-pointer value are substituted for references to the first return-pointer value, and the instruction at the address indicated by the original return-pointer value is replaced with a breakpoint. When the breakpoint is encountered upon return of control at the original return-pointer value, the first return-pointer value that is associated with the original return-pointer value is obtained, and control is transferred to the instruction at the address referenced by the first return-pointer value.

摘要翻译： 用于处理从重新定位的仪表功能的调用到期望在原始地址空间中返回指针值的功能的方法和装置。 在本发明的各种实施例中，生成可执行程序的选定功能的检测版本并将其存储在重定位地址空间中。 当重定位地址空间中的函数调用函数时，返回指针寄存器存储作为重定位地址空间中的地址的第一返回指针值。 与逻辑上对应于第一个返回指针值的原始地址空间中的地址被标识为原始的返回指针值。 第一个返回指针值与原始返回指针值相关联，引用原始返回指针值代替对第一个返回指针值的引用，以及由原始返回指针值指示的地址处的指令 被替换为断点。 当在原始返回指针值返回控制时遇到断点时，获得与原始返回指针值相关联的第一个返回指针值，并将控制转移到由第一个指针引用的地址处的指令 返回指针值。

公开(公告)号：US07415699B2

公开(公告)日：2008-08-19

申请号：US10608330

申请日：2003-06-27

申请人： Eric Gouriou ,  Robert Hundt ,  Sujoy Saraswati ,  Sushanth Rai ,  Edward Sharpe

发明人： Eric Gouriou ,  Robert Hundt ,  Sujoy Saraswati ,  Sushanth Rai ,  Edward Sharpe

IPC分类号： G06F9/44

CPC分类号： G06F9/4843

摘要： A monitoring interface, includes logic responsive to a pre-fork event, the pre-fork event responsive to a vfork system call. The pre-fork event includes indicia that identifies a child process to be created in accordance with the vfork system call. A method for controlling the execution of a child process created from a parent process, where the parent process is monitored by a software tool includes, receiving indicia that a vfork system call will be executed by the parent process, suspending execution of the parent process, extracting a process identifier from the indicia of the vfork system call, the process identifier corresponding to a child process to be generated by the parent process when the parent process executes the vfork system call, setting a process monitor thread to observe the child process, and resuming execution of the parent process to enable the parent process to execute past the vfork system call.

摘要翻译： 监视接口包括响应于前叉事件的逻辑，响应于vfork系统调用的前叉事件。 前叉事件包括标记根据vfork系统调用创建的子进程的标记。 用于控制由父进程创建的子进程的执行方法，其中父进程由软件工具监视，包括：接收由父进程执行的vfork系统调用的标记，暂停父进程的执行， 从Vfork系统调用的标记中提取进程标识符，当父进程执行vfork系统调用时，由父进程生成的子进程对应的进程标识符，设置进程监视线程以观察子进程，以及 恢复执行父进程以使父进程能够通过vfork系统调用执行。

公开(公告)号：US07017153B2

公开(公告)日：2006-03-21

申请号：US10016953

申请日：2001-12-13

申请人： Eric Gouriou ,  Robert Hundt

发明人： Eric Gouriou ,  Robert Hundt

IPC分类号： G06F9/45 ,  H02H3/05

CPC分类号： G06F9/468 ,  G06F9/4486 ,  G06F11/3644

摘要： A method and system for reverting a process in an in-line instrumented state to an uninstrumented state. In one embodiment, the present invention modifies selected text segment portions from the process to be uninstrumented. The present embodiment then unmaps instrumented code space such that the instrumented code space is inaccessible to the process. In this embodiment, the present invention also cleans a call stack of the process by unwinding the call stack and resetting the storage locations for return pointers from the instrumented code space to uninstrumented code space.

公开(公告)号：US07185320B2

公开(公告)日：2007-02-27

申请号：US10608179

申请日：2003-06-27

申请人： Eric Gouriou ,  Robert Hundt ,  Sujoy Saraswati

发明人： Eric Gouriou ,  Robert Hundt ,  Sujoy Saraswati

IPC分类号： G06F9/45

CPC分类号： G06F11/362

摘要： A software tool includes logic configured to enable a child process that inherits the address space of a modified parent process to execute an unaltered version of the address space when the child process inherits the altered address space of the parent process. A method for processing breakpoint events in a child process created from a parent process, when the parent process is modified by a software tool includes, storing unmodified parent process code replaced by each occurrence of a breakpoint inserted into the address space during modification of the parent process, monitoring execution of a child process created by the parent process for an initial breakpoint in the address space, suspending execution of the child process in response to an initial breakpoint, replacing each occurrence of a breakpoint in the address space with the unmodified parent process code, and resuming execution of the child process.

摘要翻译： 软件工具包括被配置为当子进程继承父进程的改变的地址空间时允许继承修改的父进程的地址空间的子进程来执行地址空间的未改变版本的逻辑。 一种用于处理从父进程创建的子进程中的断点事件的方法，当所述父进程由软件工具修改时，包括：在修改父进程期间，将未修改的父进程代码替换为插入到地址空间中的断点的每个出现 处理，监视由父进程为地址空间中的初始断点创建的子进程的执行，暂停响应于初始断点的子进程的执行，用未修改的父进程替换地址空间中的断点的每次出现 代码，并恢复子进程的执行。