我们可以读另一个线程的程序计数器吗？ [英] Can we read another thread's program counter?

问题描述

假设我们有一个单线程程序，我们希望在发生预定义中断时捕获程序计数器（PC）的值（如定时器中断）。

你知道这很容易我们只是使用特殊的关键字__asm__编写一个特定的汇编代码，并在转换4字节后弹出堆栈顶部的值。

多线程程序怎么样？

我们如何从同一进程中运行的另一个线程获取所有线程的值？ （从多线程处理器中的单独核心运行的线程获取值似乎非常不可思议。）
（在多线程程序中，每个线程都有堆栈和寄存器）。



-------------------------------------

assume that we have a single thread program and we hope to capture the value of program counter (PC) when a predefined interrupt occurs (like a timer interrupt).
It seems easy as you know we just write a specific assembly code using a special keyword "__asm__" and pop the value on the top of the stack after making a shift 4 byte.
What about Multithreaded programs ?
How can we get values of all threads from another thread which run in the same process? (It seems extremely incredible to get values from thread which run on a separate core in multi-core processors).
(in multithreaded programs, every thread has its stack and registers too).

-------------------------------------

I would  implement a saboteur thread.
in order to perform fault injection in the target multi-threaded program, the model of fault is SEU (single error upset) which means that an arbitrary bit in the program counter register modified randomly (bit-flip) causing to violate the right program sequence. therefore, control flow error (CFE)  occurs.
Since our target program is a multi-threaded program, we have to perform fault injection on all threads' PC. This is the task of saboteur tread. It should be able  to obtain threads' PC to perform fault injection.
assume we have this code,
main ()
{
foo
}

void foo()
{
__asm__{
pop "%eax"
pop "%ebx" // now ebx holds porgram counter value (for main thread)
// her code injection like  00000111 XOR ebx for example
push ...
push ...
};
}

If our program was a multithreaded program.
is it means that we have more than one stack? 
when OS perform context switching, it means that the stack and registers of the thread that was running moved to some place in the memory. Does this mean that if we want to get the values of the program counter for those threads, we find them in memory? where? and is it possible during run-time?

任何帮助，我很感激你。



我尝试了什么： <通过使用__asm__，我们可以获得主线程的PC值。

any help, I am grateful to you.

What I have tried:

by using __asm__ , we can get the value of PC of the main thread.

推荐答案

AFAIK，没有。

问题是你不知道你的线程何时运行：更不用说同时运行其他线程了。在现代处理器中，这确实可以同时 - 多个核心意味着多个同步线程，并且每个核心可以很容易地从缓存中运行它的线程，所以......你的中断只能在一个核心上运行，并且你不知道在另一个（s）上运行了什么线程。

即使在单线程应用程序上，你也无法保证中断运行的核心与你的应用程序是同一个核心！

如果一个线程被停顿，它就在内存中（甚至被分页到磁盘）及其寄存器 - 你可能无法访问那个内存，即使你知道它在哪里因为它位于你的地址空间之外。

AFAIK, no.
The problem is that you don't know when your thread is running: let alone what other thread are running at the same time. And in modern processors, that could indeed be "at the same time" - multiple cores means multiple simultaneous threads, and each core could easily be running it's thread purely from cache, so...your interrupt would only be running on one core, and you have no idea what thread is running on the other(s).
Even on a single threaded app, you have no guarantee that the core the interrupt is running on is the same core as your app!
And if a thread is stalled, it's in memory (or even paged to disk) along with its registers - and you probably won't have access to that memory, even if you know where it is because it's outside "your" address space.

可以获取上下文，但不建议在正在运行的线程上设置它，因为行为是不可预测的。



请参阅 GetThreadContext函数（Windows） [ ^ ]。



这是你要获得的唯一提示，这就是我的目标。我不会再进一步​​帮忙了。从现在开始，你就是独立的。

It's possible to get the context, but setting it is not recommended on a running thread as behavior is unpredictable.

See GetThreadContext function (Windows)[^].

That is the only hint you're going to get and this is as far as I go. I will not help on this any further. You are on your own from this point on.

这篇关于我们可以读另一个线程的程序计数器吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！