This is the mail archive of the systemtap@sources.redhat.com mailing list for the systemtap project.



Re: kprobes problem


Prasanna S Panchamukhi wrote:
Hi Baruch,

Thanks for pointing it out.
Yes, kprobes could not handle probes on ret/lret instruction.
The instruction pointer modification in case of ret/lret
instruction is not required.
The below patch should fix the problem. This patch is for i386 architecture and soon will be ported to other architectures.


Please let me know if you have any issues.

Are there any other instructions that will cause a control flow change? e.g. "int" and "IRET" instructions? There are certainly places "int" is used in the kernel. Does the kprobes code account for all the control flow instructions?


-Wil


Thanks Prasanna


Kprobes could not handle the insertion of a probe on a ret/lret instruction. This patch fixes the above bug by avoiding adjustment of the instruction pointer.

Signed-off-by: Prasanna S Panchamukhi <prasanna@in.ibm.com>


---


 linux-2.6.11-rc5-prasanna/arch/i386/kernel/kprobes.c |    8 ++++++++
 1 files changed, 8 insertions(+)

diff -puN arch/i386/kernel/kprobes.c~kprobes-ret-address-fix arch/i386/kernel/kprobes.c
--- linux-2.6.11-rc5/arch/i386/kernel/kprobes.c~kprobes-ret-address-fix	2005-03-14 21:27:34.000000000 +0530
+++ linux-2.6.11-rc5-prasanna/arch/i386/kernel/kprobes.c	2005-03-14 21:48:39.000000000 +0530
@@ -208,6 +208,14 @@ static void resume_execution(struct kpro
 		*tos &= ~(TF_MASK | IF_MASK);
 		*tos |= kprobe_old_eflags;
 		break;
+	case 0xc3:		/* ret/lret */
+	case 0xcb:
+	case 0xc2:
+	case 0xca:
+		regs->eflags &= ~TF_MASK;
+		/* eip is already adjusted, no more changes required*/
+		return;
+		break;
 	case 0xe8:		/* call relative - Fix return addr */
 		*tos = orig_eip + (*tos - copy_eip);
 		break;
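Review bot: the `break;` after `return;` in the new ret/lret case is unreachable and should be dropped; the early `return` already leaves the switch and, as the comment says, skips the eip adjustment that follows it, so the `break;` only adds dead code. The `/* ret/lret */` comment sits on 0xc3 alone while three more opcodes share the case; a one-word note per opcode (near ret, far ret, and the two imm16 forms) would make the intent of each visible to the next reader. It is also worth noting in the commit message or a comment that this case clears TF but, unlike the pushfl/popfl cases above it, does nothing with IF, so a reader can confirm that is intended.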

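The reasoning behind the patch, as an added example that is not Prasanna's patch or the kernel's own resume_execution: after kprobes single-steps a copy of the probed instruction out of line, addresses that were computed relative to the copy must be rebased onto the original text, but a ret pops an absolute address that is already correct, so rebasing it would corrupt control flow. The register struct, the rebase helper and the sample addresses below are constructed for illustration and are a simplified model, not the kernel's data structures; the opcode bytes are the standard i386 encodings (0xc3/0xcb/0xc2/0xca for the ret family, 0xe8 for call rel32).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define TF_MASK 0x00000100u   /* x86 EFLAGS trap flag (single-step) */

/* Constructed model of the state a kprobe post-handler sees after the
 * out-of-line single step: instruction pointer, value at the top of the
 * stack, and EFLAGS. Not the kernel's struct pt_regs. */
struct step_regs {
    uint32_t eip;
    uint32_t tos;      /* *(uint32_t *)esp */
    uint32_t eflags;
};

/* Map an address that was computed relative to the out-of-line copy
 * back onto the original instruction location. */
static uint32_t rebase(uint32_t addr, uint32_t orig_eip, uint32_t copy_eip)
{
    return orig_eip + (addr - copy_eip);
}

/* Simplified fixup after single-stepping the copy at copy_eip of the
 * instruction that originally lived at orig_eip. Returns true when the
 * generic eip rebase was applied, false when eip was deliberately left
 * alone (the ret/lret case the patch adds). */
bool fixup_after_step(uint8_t opcode, struct step_regs *r,
                      uint32_t orig_eip, uint32_t copy_eip)
{
    r->eflags &= ~TF_MASK;   /* single step finished: stop trapping */

    switch (opcode) {
    case 0xc3:   /* ret near */
    case 0xcb:   /* ret far (lret) */
    case 0xc2:   /* ret near imm16 */
    case 0xca:   /* ret far imm16 */
        /* eip was popped from the stack: it is an absolute address in
         * the original text, so rebasing it would send execution to a
         * bogus location. Nothing more to do. */
        return false;
    case 0xe8:   /* call rel32: the pushed return address points into the copy */
        r->tos = rebase(r->tos, orig_eip, copy_eip);
        break;
    default:
        break;
    }

    /* Everything else, including relative jumps and the call above,
     * computed its next eip relative to the copy, so shifting it by the
     * same offset yields the correct original-text address. */
    r->eip = rebase(r->eip, orig_eip, copy_eip);
    return true;
}

int main(void)
{
    /* Constructed addresses: probe at 0xc0100000, copy at 0xc0500000. */
    const uint32_t orig = 0xc0100000u, copy = 0xc0500000u;

    struct step_regs ret_regs = { 0xc0123456u, 0u, 0x346u };
    fixup_after_step(0xc3, &ret_regs, orig, copy);
    printf("ret : eip=%08x (unchanged)\n", ret_regs.eip);

    /* call rel32 with displacement 0x1000: eip and return address both
     * point into the copy after the step. */
    struct step_regs call_regs = { copy + 5 + 0x1000u, copy + 5, 0x346u };
    fixup_after_step(0xe8, &call_regs, orig, copy);
    printf("call: eip=%08x ret-addr=%08x\n", call_regs.eip, call_regs.tos);
    return 0;
}
```

The model makes the bug visible: before the patch the ret case fell through to the generic rebase, so a popped return address of 0xc0123456 would have become 0xc0123456 + (orig - copy), which is not an instruction boundary anywhere in the original text.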

