Hi, I'm using the new kernel UEK-9, 5.15.0-0.30.20.1.el9uek.x86_64 and 5.15.0-0.30.20.el9uek.x86_64.
But I ran into a problem when I try to use kprobe with KPROBE_FTRACE -- it panics.
I took a look at the ftrace trampoline which is generated while registering the kprobe.
There is one strange thing at the end of the trampoline.
...
0xffffffffc08ed0c3: call 0xffffffff8188d820 <kprobe_ftrace_handler>
0xffffffffc08ed0c8: mov 0x90(%rsp),%rax
0xffffffffc08ed0d0: mov %rax,0xa8(%rsp)
0xffffffffc08ed0d8: mov 0x80(%rsp),%rax
0xffffffffc08ed0e0: mov %rax,0xb0(%rsp)
0xffffffffc08ed0e8: mov (%rsp),%r15
0xffffffffc08ed0ec: mov 0x8(%rsp),%r14
0xffffffffc08ed0f1: mov 0x10(%rsp),%r13
0xffffffffc08ed0f6: mov 0x18(%rsp),%r12
0xffffffffc08ed0fb: mov 0x38(%rsp),%r10
0xffffffffc08ed100: mov 0x28(%rsp),%rbx
0xffffffffc08ed105: mov 0x78(%rsp),%rax
0xffffffffc08ed10a: mov %rax,0xa0(%rsp)
0xffffffffc08ed112: mov 0x78(%rsp),%rax
0xffffffffc08ed117: test %rax,%rax
0xffffffffc08ed11a: xchg %ax,%ax
0xffffffffc08ed11c: mov 0x20(%rsp),%rbp
0xffffffffc08ed121: mov 0x40(%rsp),%r9
0xffffffffc08ed126: mov 0x48(%rsp),%r8
0xffffffffc08ed12b: mov 0x70(%rsp),%rdi
0xffffffffc08ed130: mov 0x68(%rsp),%rsi
0xffffffffc08ed135: mov 0x60(%rsp),%rdx
0xffffffffc08ed13a: mov 0x58(%rsp),%rcx
0xffffffffc08ed13f: mov 0x50(%rsp),%rax
0xffffffffc08ed144: add $0xa8,%rsp
0xffffffffc08ed14b: popf
0xffffffffc08ed14c: jmp 0xffffffffc18670fc
See the last operation at the end of the trampoline; actually it should be a jmp to
__x86_return_thunk.
But when I get the address, it is:
crash> p __x86_return_thunk
__x86_return_thunk = $6 =
{<text variable, no debug info>} 0xffffffff828023c0 <__x86_return_thunk>
So, the ftrace trampoline jumps to the wrong address at the end, and I hit a panic whenever I use kprobe with KPROBE_FTRACE.
Has a similar issue been reported?
Thanks!
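
A triage check for the final jump in the listing above, as an added example that is not part of the original post or of any kernel source: it computes the displacement the jmp actually carries, the displacement it would need to reach __x86_return_thunk, and the address at which the carried displacement would land on the thunk. It assumes the jump is a 5-byte `E9 rel32` instruction and tests one hypothesis only (a displacement copied without being recomputed for the trampoline's address); the function and constant names are made up for this example, the addresses are the ones from the post.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define JMP32_LEN 5 /* assumption: E9 rel32 near jump, 5 bytes long */

/* Addresses copied from the post above */
static const uint64_t TRAMP_JMP       = 0xffffffffc08ed14cULL; /* the final jmp   */
static const uint64_t OBSERVED_TARGET = 0xffffffffc18670fcULL; /* where it goes   */
static const uint64_t RETURN_THUNK    = 0xffffffff828023c0ULL; /* where it should */

/* Displacement a jmp rel32 located at insn must carry to reach target. */
static int64_t jmp_rel32(uint64_t insn, uint64_t target)
{
    return (int64_t)(target - (insn + JMP32_LEN));
}

/* A rel32 jump can only encode displacements within +/- 2 GiB. */
static int fits_rel32(int64_t rel)
{
    return rel >= INT32_MIN && rel <= INT32_MAX;
}

/* Address at which a jmp carrying the observed displacement would reach
 * 'expected'. If this falls in core kernel text, the displacement was
 * probably valid at that location and reused unchanged elsewhere. */
static uint64_t implied_origin(uint64_t insn, uint64_t observed, uint64_t expected)
{
    int64_t rel = jmp_rel32(insn, observed);
    return expected - (uint64_t)rel - JMP32_LEN;
}

int main(void)
{
    int64_t have = jmp_rel32(TRAMP_JMP, OBSERVED_TARGET);
    int64_t want = jmp_rel32(TRAMP_JMP, RETURN_THUNK);

    printf("rel32 carried by the jmp  : %" PRId64 " (0x%" PRIx32 ")\n",
           have, (uint32_t)have);
    printf("rel32 needed for the thunk: %" PRId64 " (0x%" PRIx32 "), %s\n",
           want, (uint32_t)want,
           fits_rel32(want) ? "encodable" : "out of rel32 range");
    printf("carried rel32 reaches the thunk from: 0x%" PRIx64 "\n",
           implied_origin(TRAMP_JMP, OBSERVED_TARGET, RETURN_THUNK));
    return 0;
}
```

With the post's numbers the implied origin is 0xffffffff81888410, in the same core-text range as `kprobe_ftrace_handler` (0xffffffff8188d820) rather than in the trampoline's range, which can be confirmed in crash with `dis 0xffffffff81888410`.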