[Bug kprobes/22147] stopped to probe do_arch_ctrl_64
dsmith at redhat dot com
sourceware-bugzilla@sourceware.org
Tue Sep 19 16:00:00 GMT 2017
https://sourceware.org/bugzilla/show_bug.cgi?id=22147
--- Comment #3 from David Smith <dsmith at redhat dot com> ---
(In reply to David Smith from comment #2)
Here's something else about this probe:
> ====
> probe kernel.function("do_arch_prctl_64").call
> {
>   if ( pid() == target() ) {
>     if ( ulonglong_arg(2) == 0x1002 ) {
>       ++cnt_fs_base_set
>       printf ("do_arch_prctl_64 ARCH_SET_FS fun %s option %x arg %x\n",
>               ppfunc(), ulonglong_arg(2), ulonglong_arg(3) )
>       printf( " tid %d current fs base %x \n", tid(), my_get_fs_base() )
>
>     }
>   }
> }
> ====
In the upstream kernel source, that function is defined like this:
====
long do_arch_prctl_64(struct task_struct *task, int option, unsigned long arg2);
====
You are treating argument 2 as a ulonglong (8 bytes on x86_64), where it is
really an int (4 bytes on x86_64). So, you are probably getting incorrect
values for argument 2. So, you should use 'int_arg(2)', not 'ulonglong_arg(2)'.
If you aren't getting incorrect values, you are getting lucky.
(Of course argument 3 isn't really a ulonglong, but since a ulonglong takes the
same number of bytes as a long on x86_64 you should be OK there.)
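An added illustration, not part of the original message and not SystemTap's implementation: a small C model of why reading a 4-byte `int` argument as 8 bytes can appear to work and then fail. On x86_64 the upper 32 bits of a register carrying an `int` argument are not guaranteed to be zero; the `entry_regs` struct, the `model_*` helpers and all register values are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

#define ARCH_SET_FS 0x1002

/* Simplified model of the first three x86_64 argument registers at entry. */
struct entry_regs { uint64_t rdi, rsi, rdx; };

/* Raw 64-bit register for argument n (1-based); 0 if out of range. */
static uint64_t raw_arg(const struct entry_regs *r, int n)
{
    switch (n) {
    case 1: return r->rdi;
    case 2: return r->rsi;
    case 3: return r->rdx;
    default: return 0;
    }
}

/* Reads all 8 bytes: whatever sits in bits 63..32 becomes part of the value. */
static uint64_t model_ulonglong_arg(const struct entry_regs *r, int n)
{
    return raw_arg(r, n);
}

/* Reads only the low 4 bytes and sign-extends them, as a C int would be. */
static int64_t model_int_arg(const struct entry_regs *r, int n)
{
    return (int64_t)(int32_t)(uint32_t)raw_arg(r, n);
}

/* The option test from the probe, done with the wide read and the int read. */
static int wide_check_matches(const struct entry_regs *r)
{ return model_ulonglong_arg(r, 2) == ARCH_SET_FS; }

static int int_check_matches(const struct entry_regs *r)
{ return model_int_arg(r, 2) == ARCH_SET_FS; }

int main(void)
{
    /* Constructed register snapshots, not captured from a real kernel. */
    struct entry_regs clean = { 0xffff888000000000ULL, 0x1002ULL, 0x7f0000001000ULL };
    struct entry_regs stale = { 0xffff888000000000ULL, 0xdeadbeef00001002ULL, 0x7f0000001000ULL };
    printf("clean upper bits: wide=%d int=%d\n", wide_check_matches(&clean), int_check_matches(&clean));
    printf("stale upper bits: wide=%d int=%d\n", wide_check_matches(&stale), int_check_matches(&stale));
    return 0;
}
```

The wide read matches only when the caller happened to clear the upper half of the register, which a 32-bit register write does on x86_64; that is the "getting lucky" case.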