ARM架构kprobe应用及实现分析(3.0 被探测函数说明)

在此系列中都是探测 testAddadd5 ，作为分析入口,

我在do_fork 函数的最后的位置调用了testAddadd5 ，具体模样如下：

int   mykProbeCount = 0;char * mytestbuf ="this is a mytestbuf";int  testAddadd5(int a, int b,int c,char * buf,int d,int e,int f){    int aa=1;    int bb=2;    int cc=3;    mykProbeCount=mykProbeCount+5;    aa = a+b;    bb= c+d;    cc==e+f;    printk(" buf is %s   aa is %d bb is %d\n",buf,aa,bb);    mykProbeCount++;    return 0;}

此函数，很方便调试模拟，随便调用个shell 命令都会调用此函数

long do_fork(unsigned long clone_flags,      unsigned long stack_start,      struct pt_regs *regs,      unsigned long stack_size,      int __user *parent_tidptr,      int __user *child_tidptr){  int ii=0;  ...  printk("[%d:%s] fork fail:[0x%x, %d]\n", current->pid, current->comm, (unsigned int)p,(int) nr);  ii=testAddadd5(0x11,0x22,0x33,mytestbuf,0x44,0x55,0x88);  ii=ii+5;  return nr;}