On Sat, Nov 26, 2011 at 10:25 PM, Luis Useche <use...@gmail.com> wrote:
> On Sat, Nov 26, 2011 at 7:31 PM, Ted Unangst <t...@tedunangst.com> wrote:
>> On Sat, Nov 26, 2011, Luis Useche wrote:
>>> For a project I need to single step a user space process while
>>> executing the fault handler. I was thinking that probably ddb single
>>> stepping can be reused but this is probably for kernel single stepping
>>> only. How about ptrace?
>>
>> I am officially confused because the fault handler runs in the kernel.
>> If you want to step through a process then ptrace is what you want, or
>> its slightly easier-to-use interface, gdb.
>
> The interfaces you are talking about are to single step a user level
> process from another user level process. However, I need to single
> step in the fault handler the (user level) instruction that just
> faulted.
>
> My final goal is to extract the data that the application was trying
> to store at the unmapped page by mapping a temporary page.

That won't always work if you're on a platform like i386 where the
kernel memory appears in the address space of processes, as you
*can't* just map in a temporary page if the process tries to access an
address in the kernel's range.

Anyway, you don't need to trace the fault handler to do what you want.
You trace the process with ptrace(), then use ptrace() to examine
the state of the process when it gets a signal when it tries to access
the page in a non-permitted way.  For example, gdb reports the signal
that was sent after examining the registers with ptrace(PT_GETREGS)
and then uses ptrace(PT_IO) to get the instruction that faulted.
Disassemble that to figure out what instruction it was and work out
the exact address and data involved.
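The sequence Philip describes, written out as an added example (it is not code from the thread or from OpenBSD): a tracer forks a child that calls PT_TRACE_ME and then stores through an unmapped address, waits for the SIGSEGV stop, fetches the program counter with PT_GETREGS, and reads the instruction bytes at that PC with PT_IO (PIOD_READ_I) so they can be handed to a disassembler. The OpenBSD branch assumes amd64 or i386 register names (r_rip / r_eip); the Linux branch is my analogue using PTRACE_GETREGSET and PTRACE_PEEKTEXT and is only there so the example also runs where the list's readers are not on OpenBSD. The TRACE_UNAVAILABLE status is a constructed convention for environments where ptrace() itself is refused.

```c
#include <errno.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>
#if defined(__OpenBSD__)
#include <machine/reg.h>          /* struct reg for PT_GETREGS */
#elif defined(__linux__)
#include <elf.h>                  /* NT_PRSTATUS */
#include <sys/uio.h>
#include <sys/user.h>             /* struct user_regs_struct */
#endif

#define TRACE_UNAVAILABLE 1       /* constructed: ptrace() refused, nothing captured */

struct fault_report {
    int stopsig;                  /* signal that stopped the tracee, expected SIGSEGV */
    uintptr_t pc;                 /* program counter of the faulting instruction */
    unsigned char insn[16];       /* raw bytes at pc, input for a disassembler */
    size_t insn_len;
};

/* Read the PC and the instruction bytes at it from a tracee that is stopped. */
static int read_fault_state(pid_t pid, struct fault_report *r)
{
#if defined(__OpenBSD__)
    struct reg regs;
    struct ptrace_io_desc io;
    if (ptrace(PT_GETREGS, pid, (caddr_t)&regs, 0) == -1)
        return -1;
#if defined(__amd64__)
    r->pc = (uintptr_t)regs.r_rip;
#else
    r->pc = (uintptr_t)regs.r_eip;    /* i386 */
#endif
    io.piod_op = PIOD_READ_I;         /* instruction space of the tracee */
    io.piod_offs = (void *)r->pc;
    io.piod_addr = r->insn;
    io.piod_len = sizeof r->insn;
    if (ptrace(PT_IO, pid, (caddr_t)&io, 0) == -1)
        return -1;
    r->insn_len = io.piod_len;        /* kernel sets it to bytes actually read */
    return r->insn_len ? 0 : -1;
#elif defined(__linux__)
    struct user_regs_struct regs;
    struct iovec iov = { &regs, sizeof regs };
    size_t i;
    if (ptrace(PTRACE_GETREGSET, pid, (void *)NT_PRSTATUS, &iov) == -1)
        return -1;
#if defined(__x86_64__)
    r->pc = (uintptr_t)regs.rip;
#elif defined(__aarch64__)
    r->pc = (uintptr_t)regs.pc;
#else
#error "add the PC register name for this architecture"
#endif
    r->insn_len = 0;
    for (i = 0; i < sizeof r->insn; i += sizeof(long)) {
        long w;
        errno = 0;                    /* PEEKTEXT returns the word, so check errno */
        w = ptrace(PTRACE_PEEKTEXT, pid, (void *)(r->pc + i), NULL);
        if (w == -1 && errno != 0)
            break;
        memcpy(r->insn + i, &w, sizeof w);
        r->insn_len += sizeof w;
    }
    return r->insn_len ? 0 : -1;
#else
    (void)pid; (void)r; errno = ENOSYS; return -1;
#endif
}

/* Fork a child that traces itself and then faults; report what ptrace() sees. */
int trace_faulting_child(struct fault_report *r)
{
    int status;
    pid_t pid;
    memset(r, 0, sizeof *r);
    if ((pid = fork()) == -1)
        return -1;
    if (pid == 0) {
        volatile uintptr_t bad = 0x10;    /* constructed: never a mapped page */
#if defined(__OpenBSD__)
        if (ptrace(PT_TRACE_ME, 0, NULL, 0) == -1)
#elif defined(__linux__)
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1)
#endif
            _exit(77);
        *(volatile int *)bad = 42;        /* the store that faults */
        _exit(0);                         /* not reached */
    }
    if (waitpid(pid, &status, 0) == -1)
        return -1;
    if (!WIFSTOPPED(status))              /* exited 77 or killed before stopping */
        return TRACE_UNAVAILABLE;
    r->stopsig = WSTOPSIG(status);
    status = read_fault_state(pid, r);
    kill(pid, SIGKILL);                   /* we never resume the tracee */
    waitpid(pid, NULL, 0);
    return status;
}

int main(void)
{
    struct fault_report r;
    size_t i;
    if (trace_faulting_child(&r) != 0)
        return 1;
    printf("stopped by signal %d at pc 0x%lx, bytes:", r.stopsig, (unsigned long)r.pc);
    for (i = 0; i < r.insn_len; i++)
        printf(" %02x", r.insn[i]);
    printf("\n");                         /* disassemble these to find the operand */
    return 0;
}
```

The decoding step is left to a disassembler on purpose: once the bytes and the register file are in hand, the effective address of the store and the value being written follow from the instruction's operands, which is the part gdb does for you.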


Philip Guenther
