public inbox for systemtap@sourceware.org
* RE: module function probe
@ 2005-11-30 22:00 Keshavamurthy, Anil S
  0 siblings, 0 replies; 4+ messages in thread
From: Keshavamurthy, Anil S @ 2005-11-30 22:00 UTC (permalink / raw)
  To: Frank Ch. Eigler, Mao, Bibo; +Cc: systemtap

Please see my comments. 

>-----Original Message-----
>From: systemtap-owner@sourceware.org 
>[mailto:systemtap-owner@sourceware.org] On Behalf Of Frank Ch. Eigler
>Sent: Friday, November 25, 2005 4:37 AM
>To: Mao, Bibo
>Cc: systemtap@sources.redhat.com
>Subject: Re: module function probe
>
>Hi -
>
>> 	I wrote one module named probed.ko after compiled, and the other
>> is kprobe module named probing.ko which is to probe some function
>> defined in probed.ko module. 
>> [...]
>> 		#insmod probed.ko
>> 		#insmod probing.ko
>> 		#rmmod probed.ko
>> 		#rmmod probing.ko
>> [...]
>
>To manage module reference counts in a way that prevents this problem,
>systemtap keeps a file descriptor open on some file under
>/sys/module/<PROBED>/.  By using plain insmod, you are giving up this
>protection.

I think we should implement this module reference count 
logic built in the kernel kprobes code.

Here is how it can be done.
register_kprobe(...)
{ 
.....
+	if ((mod = module_text_address((unsigned long) p->addr)))
+		if (unlikely(!try_module_get(mod))) return -EINVAL;

....
}
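
Review bot: In register_kprobe, the reference is taken on whichever module contains p->addr, with no check that it is a different module from the one registering the probe; a module that probes its own text would then hold a reference on itself, and if it unregisters from its exit path it could never be unloaded. Compare mod against the caller's module and skip try_module_get when they match. The module_text_address() lookup followed by try_module_get() also needs to run under whatever protection keeps mod valid between the two calls, and any failure in the steps after this point has to module_put() the reference before returning.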

Unregister_kprobe(...)
{
....
+		module_put(module_text_address((unsigned long)p->addr));
...
}
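
Review bot: In Unregister_kprobe, module_put() is fed a second module_text_address() lookup with no NULL guard, while the register side only takes a reference inside "if ((mod = module_text_address(...)))". Record the module pointer obtained at registration and put that one, so the put always matches the get that was actually taken, including for probes on core kernel text where no reference was taken.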

Opened a bugzilla
http://sources.redhat.com/bugzilla/show_bug.cgi?id=1954

Cheers,
Anil Keshavamurthy


* Re: module function probe
  2005-11-25  5:50 Mao, Bibo
@ 2005-11-25 12:37 ` Frank Ch. Eigler
  0 siblings, 0 replies; 4+ messages in thread
From: Frank Ch. Eigler @ 2005-11-25 12:37 UTC (permalink / raw)
  To: Mao, Bibo; +Cc: systemtap

Hi -

> 	I wrote one module named probed.ko after compiled, and the other
> is kprobe module named probing.ko which is to probe some function
> defined in probed.ko module. 
> [...]
> 		#insmod probed.ko
> 		#insmod probing.ko
> 		#rmmod probed.ko
> 		#rmmod probing.ko
> [...]

To manage module reference counts in a way that prevents this problem,
systemtap keeps a file descriptor open on some file under
/sys/module/<PROBED>/.  By using plain insmod, you are giving up this
protection.

- FChE


* RE: module function probe
@ 2005-11-25  6:14 Zhang, Yanmin
  0 siblings, 0 replies; 4+ messages in thread
From: Zhang, Yanmin @ 2005-11-25  6:14 UTC (permalink / raw)
  To: Mao, Bibo, systemtap; +Cc: Frank Ch. Eigler, Keshavamurthy, Anil S

The module reference count is not correct. The module ref count should be increased by 1 when a kprobe is registered at the module exec text, and vice versa.

Yanmin

>>-----Original Message-----
>>From: Mao, Bibo
>>Sent: November 25, 2005 13:50
>>To: systemtap@sources.redhat.com
>>Cc: 'Frank Ch. Eigler'; Keshavamurthy, Anil S; Zhang, Yanmin
>>Subject: module function probe
>>
>>Hi,
>>	I wrote one module named probed.ko after compiled, and the other is kprobe
>>module named probing.ko which is to probe some function defined in probed.ko
>>module.
>>	And then I executed the following commands so that some function can be probed.
>>		#insmod probed.ko
>>		#insmod probing.ko
>>But when I remove the modules in this order, the kernel will crash
>>		#rmmod probed.ko		(system is ok)
>>		#rmmod probing.ko		(system will crash)
>>The reason is that when the kprobe is unregistered, it will restore the original
>>instruction, but when the probed module exits, its instruction address space is
>>freed, so when it restores the original instruction it will crash.
>>
>>Regards
>>Bibo,mao
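
Added example, not part of the thread or of the kernel source: a userspace C model of the unload order reported above, showing why the disarm step fails once the probed module's text is freed and how holding a reference while a probe is armed makes the first rmmod be refused instead. All names (`probe_register`, `module_unload`, `probe_unregister`, `replay`) and the byte values are constructed for illustration.

```c
#include <stddef.h>

/* Userspace model, hypothetical names, not kernel code.
 * live == 0: the module text has been freed; refs: the module use count. */
enum { TEXT_LEN = 4, BRK = 0xCC };
struct module { unsigned char text[TEXT_LEN]; int live; int refs; };
struct probe { struct module *mod; size_t off; unsigned char saved; int pinned; };

/* Arm a probe; pin != 0 takes a reference on the probed module. */
int probe_register(struct probe *p, struct module *m, size_t off, int pin)
{
    if (!m->live || off >= TEXT_LEN)
        return -1;
    p->mod = m; p->off = off; p->pinned = pin ? 1 : 0;
    m->refs += p->pinned;         /* reference held while the probe is armed */
    p->saved = m->text[off];
    m->text[off] = BRK;           /* breakpoint replaces the original byte */
    return 0;
}

/* rmmod model: refuse while references are held, otherwise free the text. */
int module_unload(struct module *m)
{
    if (m->refs > 0)
        return -1;
    m->live = 0;
    return 0;
}

/* Disarm; -1 marks the point where a real kernel would write to freed text. */
int probe_unregister(struct probe *p)
{
    if (!p->mod->live)
        return -1;
    p->mod->text[p->off] = p->saved;
    p->mod->refs -= p->pinned;    /* drop the reference, if one was taken */
    return 0;
}

/* Replay "rmmod probed, rmmod probing"; 1 = disarm hit freed text, 0 = safe. */
int replay(int pin)
{
    struct module probed = { {0x55, 0x48, 0x89, 0xe5}, 1, 0 }; /* constructed */
    struct probe p;
    if (probe_register(&p, &probed, 0, pin) != 0)
        return -1;
    int refused = module_unload(&probed) != 0;  /* first rmmod */
    int bad = probe_unregister(&p) != 0;        /* second rmmod disarms */
    return (refused != (pin != 0)) ? -1 : bad;
}
```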


* module function probe
@ 2005-11-25  5:50 Mao, Bibo
  2005-11-25 12:37 ` Frank Ch. Eigler
  0 siblings, 1 reply; 4+ messages in thread
From: Mao, Bibo @ 2005-11-25  5:50 UTC (permalink / raw)
  To: systemtap; +Cc: Frank Ch. Eigler, Keshavamurthy, Anil S, Zhang, Yanmin

Hi,
	I wrote one module named probed.ko after compiled, and the other
is kprobe module named probing.ko which is to probe some function
defined in probed.ko module. 
	And then I executed the following commands so that some function can
be probed.
		#insmod probed.ko
		#insmod probing.ko
But when I remove the modules in this order, the kernel will crash
		#rmmod probed.ko		(system is ok)
		#rmmod probing.ko		(system will crash)
The reason is that when the kprobe is unregistered, it will restore the original
instruction, but when the probed module exits, its instruction address space
is freed, so when it restores the original instruction it will crash.

Regards
Bibo,mao
