Masami Hiramatsu wrote:
>>> + if (!kallsyms_lookup(paddr, NULL, &offset, NULL, __dummy_buf))
>>> + return 0;
>>> +
>>> + /* Decode instructions */
>>> + addr = paddr - offset;
>>> + while (addr < paddr) {
>>> + insn_init_kernel(&insn, (void *)addr);
>>> + insn_get_opcode(&insn);
>>> + if (OPCODE1(&insn) == BREAKPOINT_INSTRUCTION) {
>>> + ret = recover_probed_instruction(buf, addr);
>> Oh, the above puts back the original op code. That is why it is OK?
>
> Oops, no. I have to use get_kprobe() instead. Thanks!

Ah, I forgot another possibility. There might be another subsystem, like kgdb, that will put its breakpoint in the kernel. In that case, the decoder will decode the instruction as a breakpoint instruction, and the first opcode is int3. So, this part is correct.

In the future, we need to add generic recover_instruction() code for those text modification subsystems.

Thank you,

--
Masami Hiramatsu
Software Engineer
Hitachi Computer Products (America) Inc.
Software Solutions Division
e-mail: mhiramat@xxxxxxxxxx
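
Review bot: At the check "if (OPCODE1(&insn) == BREAKPOINT_INSTRUCTION)" in the quoted decode loop, nothing in the code says who may own the int3. As the reply notes, kgdb or another text-modifying subsystem could have planted it, so a short comment at that line stating what is expected when the breakpoint does not belong to a kprobe would spare the next reader this same exchange. Separately, "ret = recover_probed_instruction(buf, addr);" is the last quoted line, so please confirm that ret is checked before decoding continues.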