This is the mail archive of the
systemtap@sources.redhat.com
mailing list for the systemtap project.
Re: instrumenting vs. module loading
- From: Ananth N Mavinakayanahalli <amavin at redhat dot com>
- To: "Lynch, Rusty" <rusty dot lynch at intel dot com>
- Cc: William Cohen <wcohen at redhat dot com>, "Frank Ch. Eigler" <fche at redhat dot com>, systemtap at sources dot redhat dot com
- Date: Fri, 13 May 2005 11:24:42 -0400
- Subject: Re: instrumenting vs. module loading
- References: <032EB457B9DBC540BFB1B7B519C78B0E071EAC35@orsmsx404.amr.corp.intel.com>
Lynch, Rusty wrote:
Ananth N Mavinakayanahalli wrote:
Ananth N Mavinakayanahalli wrote:
Frank Ch. Eigler wrote:
I don't have much idea about in kernel details of module loading and
unloading, but I'd imagine we'll encounter "interesting" issues if a
different module is loaded in the same text range with such a stray
kprobe.
On more thought, we won't see any such issues - we won't have the
breakpoint hit at all - the whole text gets overlaid right?
Doh! what was I thinking earlier.. need more coffee :-)
Ananth
All is fine until the clean up code tries to unregister the kprobe and
it scribbles over that location in memory which no longer has the
breakpoint.
-will
Or... the same memory is used to load a new module, and we end up
replacing an instruction with the old original instruction. Can you
imagine if that didn't trigger a crash, but just some very subtle bug.
I think this could be solved in the unregistration.
Yeah.. something like:
if (*addr != BREAKPOINT_INSTRUCTION)
/* just unlink the kprobe from hlist */
should do the trick.
I know systemtap scripts would probably handle it at a higher layer, but
we'd need this test anyway to protect ourselves from a joe-user with bad
intentions.
Ananth