Re: [PATCH v3 2/9] kprobes: Add a test case for stacktrace from kretprobe handler
From: Masami Hiramatsu
Date: Sun Oct 24 2021 - 22:34:41 EST
On Fri, 22 Oct 2021 12:15:37 -0400
Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> On Thu, 21 Oct 2021 09:54:32 +0900
> Masami Hiramatsu <mhiramat@xxxxxxxxxx> wrote:
>
> > Add a test case for stacktrace from kretprobe handler and
> > nested kretprobe handlers.
> >
> > This test checks both of stack trace inside kretprobe handler
> > and stack trace from pt_regs. Those stack trace must include
> > actual function return address instead of kretprobe trampoline.
> > The nested kretprobe stacktrace test checks whether the unwinder
> > can correctly unwind the call frame on the stack which has been
> > modified by the kretprobe.
> >
> > Since the stacktrace on kretprobe is correctly fixed only on x86,
> > this introduces a meta kconfig ARCH_CORRECT_STACKTRACE_ON_KRETPROBE
> > which tells user that the stacktrace on kretprobe is correct or not.
> >
> > The test results will be shown like below;
> >
> > TAP version 14
> > 1..1
> > # Subtest: kprobes_test
> > 1..6
> > ok 1 - test_kprobe
> > ok 2 - test_kprobes
> > ok 3 - test_kretprobe
> > ok 4 - test_kretprobes
> > ok 5 - test_stacktrace_on_kretprobe
> > ok 6 - test_stacktrace_on_nested_kretprobe
> > # kprobes_test: pass:6 fail:0 skip:0 total:6
> > # Totals: pass:6 fail:0 skip:0 total:6
> > ok 1 - kprobes_test
>
> So my allmodconfig test failed on this:
>
> ERROR: modpost: "stack_trace_save_regs" [kernel/test_kprobes.ko] undefined!
Oops.
> > + /*
> > + * Test stacktrace from pt_regs at the return address. Thus the stack
> > + * trace must start from the target return address.
> > + */
> > + ret = stack_trace_save_regs(regs, stack_buf, STACK_BUF_SIZE, 0);
> > + KUNIT_EXPECT_NE(current_test, ret, 0);
> > + KUNIT_EXPECT_EQ(current_test, stack_buf[0], target_return_address[1]);
> > +
> > + return 0;
> > +}
>
> It appears that that "stack_trace_save_regs" is not exported. And this code
> can be compiled as a module.
Yes, if the selftest is compiled as a module, it has to remove the
stack_trace_save_regs().
>
> I'm going to continue testing my code, as I have over 40 patches that need
> to go into next. I'll just rebase removing this commit only (hopefully
> nothing else breaks), and if everything then passes, I'll push to next.
OK, let me fix that.
Thank you,
>
> -- Steve
--
Masami Hiramatsu <mhiramat@xxxxxxxxxx>