On Wed, Sep 07, 2022 at 09:55:11AM +0900, Masami Hiramatsu (Google) wrote:
> Hi,
>
> Here is a couple of patches to fix kprobes and optprobe to work
> on the kernel with CONFIG_RETHUNK and CONFIG_SLS.
>
> With these configs, the kernel functions may include padding INT3 in
> the function code block (body) in addition to the gaps between functions.
>
> Since kprobes on x86 has to ensure the probe address is a function

s/function/instruction/

> boundary, it decodes the instructions in the function until the address.
> If it finds an INT3 which is not embedded by kprobe, it stops decoding
> because usually the INT3 is used for debugging as a software breakpoint
> and such INT3 will replace the first byte of an original instruction.
> Without recovering it, kprobes can not continue to decode it. Thus the
> kprobes returns -EILSEQ as below.

In the absence of kgdb nobody else except kprobes itself will do this.

> # echo "p:probe/vfs_truncate_L19 vfs_truncate+98" >> kprobe_events
> sh: write error: Invalid or incomplete multibyte or wide character
>
>
> Actually, those INT3s are just for padding and can be ignored.

They are speculation stops, not mere padding.

Anyway, let me get on with reading the actual patches :-)