This is the mail archive of the systemtap@sources.redhat.com mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: kprobes problem

From: "Frank Ch. Eigler" <fche at redhat dot com>
To: Baruch Even <baruch at ev-en dot org>
Cc: systemtap at sources dot redhat dot com
Date: Fri, 11 Mar 2005 21:49:56 -0500
Subject: Re: kprobes problem
References: <42324F4C.9010307@ev-en.org>

Hi -

On Sat, Mar 12, 2005 at 02:09:16AM +0000, Baruch Even wrote:
> [...]
> I've got a jprobe working on the entry of the function and wanted a 
> kprobe at the end of the function, on the ret instruction.

That's fine.  Following the systemtap mailing list will let you
monitor work underway to provide an automated way of trapping function
exits via "rprobes" (return probes).

> I've extracted with a script the offset of the ret instruction but when 
> hitting the probe the kernel oopses.

Are you sure you didn't make an off-by-one error?  You could find the
vmlinux executable and disassemble (with objdump) the routine in
question, to find the ret address.

> If I move the trap a few instructions earlier to a point where there is 
> an instruction with more than one byte[1], everything works. [...]
> [1] int $0x03 is two bytes, ret is one byte.

Ah, but "int 3" is also 0xCC, one byte, designed that way on purpose.

- FChE

Follow-Ups:
- Re: kprobes problem
  - From: Baruch Even

References:
- kprobes problem
  - From: Baruch Even

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]