Hi Yicheng,

On Wed, Nov 27, 2013 at 3:52 AM, Yicheng Qin <qycqycqycqycqyc@xxxxxxxxx> wrote:
> Test cases include cparser ability, ffi.current function, C function call
> on user-defined kernel functions, C function call on native kernel functions.

After merging this patch set, the kernel crashed after running the command `make test` several times (not caused by the ffi testcase; I disabled the ffi testcase in runtest.sh). It seems like memory corruption. When I roll back this patch set, everything goes fine.

[ 506.334011] IP: [<ffffffff8117e774>] kmem_cache_alloc_trace+0x74/0x150
[ 506.334011] PGD 6f78d067 PUD 0
[ 506.334011] Oops: 0000 [#1] SMP
[ 506.334011] Modules linked in: ktapvm(O) ebtable_nat ebtables joydev e1000 [last unloaded: ktapvm]
[ 506.334011] CPU: 6 PID: 2501 Comm: ktap Tainted: G O 3.13.0-rc1+ #16
[ 506.334011] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2007
[ 506.334011] task: ffff8800797e2000 ti: ffff880067a96000 task.ti: ffff880067a96000
[ 506.334011] RIP: 0010:[<ffffffff8117e774>] [<ffffffff8117e774>] kmem_cache_alloc_trace+0x74/0x150
[ 506.334011] RSP: 0018:ffff880067a97b18 EFLAGS: 00010246
[ 506.334011] RAX: 0000000000000000 RBX: 0000000000000010 RCX: 0000000000000000
[ 506.334011] RDX: 000000000000376a RSI: 0000000000000002 RDI: ffff8800797e2000
[ 506.334011] RBP: ffff880067a97b48 R08: 0000000000016a00 R09: ffffffffa0060410
[ 506.334011] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000064696f76
[ 506.334011] R13: 00000000000080d0 R14: 00000000000004e0 R15: ffff88007d003400
[ 506.334011] FS: 00007fce28038740(0000) GS:ffff88007fcc0000(0000) knlGS:0000000000000000
[ 506.334011] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 506.334011] CR2: 0000000064696f76 CR3: 0000000068567000 CR4: 00000000000006e0
[ 506.334011] Stack:
[ 506.334011]  ffffffff81125ef5 ffff880074aed800 ffff880067a97c58 0000000000000000
[ 506.334011]  0000000000000000 0000000000000001 ffff880067a97b98 ffffffff81125ef5
[ 506.334011]  00000000000092c0 ffffffffa0060410 ffff88007a2be000 ffff880074aed800
[ 506.334011] Call Trace:
[ 506.334011]  [<ffffffff81125ef5>] ? perf_event_alloc+0x55/0x430
[ 506.334011]  [<ffffffff81125ef5>] perf_event_alloc+0x55/0x430
[ 506.334011]  [<ffffffffa0060410>] ? kp_init_baselib+0x20/0x20 [ktapvm]
[ 506.334011]  [<ffffffff81126ef6>] perf_event_create_kernel_counter+0x26/0xe0
[ 506.334011]  [<ffffffffa0060935>] kp_perf_event_register+0xc5/0x200 [ktapvm]
[ 506.334011]  [<ffffffffa0060cc0>] ktap_lib_probe_by_id+0x250/0x300 [ktapvm]
[ 506.334011]  [<ffffffffa0060a70>] ? kp_perf_event_register+0x200/0x200 [ktapvm]
[ 506.334011]  [<ffffffffa005b4a9>] precall+0x1c9/0x480 [ktapvm]
[ 506.334011]  [<ffffffffa005c0f5>] kp_call+0x785/0x19f0 [ktapvm]
[ 506.334011]  [<ffffffffa0056185>] ktap_ioctl+0x105/0x180 [ktapvm]
[ 506.334011]  [<ffffffff811a0f80>] do_vfs_ioctl+0x300/0x520
[ 506.334011]  [<ffffffff812c0c76>] ? file_has_perm+0x86/0xa0
[ 506.334011]  [<ffffffff811a1221>] SyS_ioctl+0x81/0xa0
[ 506.334011]  [<ffffffff81641b12>] system_call_fastpath+0x16/0x1b

I also tried to figure out the memory allocation of csymbols by adding a simple print.

[root@localhost ktap]# git diff interpreter/
diff --git a/interpreter/kp_load.c b/interpreter/kp_load.c
index 543739e..33eabd5 100644
--- a/interpreter/kp_load.c
+++ b/interpreter/kp_load.c
@@ -298,6 +298,7 @@ static void load_csymbols(struct load_state *S)
 		return;
 	}
 
+	kp_printf(S->ks, "csym_nr: %d\n", csym_nr);
 	cs_arr = NEW_VECTOR(S, sizeof(csymbol)*csym_nr);
 	for (i = 0; i < csym_nr; i++) {
 		cs = &cs_arr[i];

The result is like:

[root@localhost ktap]# ./ktap scripts/helloworld.kp
csym_nr: 10
Hello World! I am ktap

Hmm, there isn't any cdef keyword in helloworld.kp, but it still needs to allocate csym-related memory. Some memory allocation bug in the ffi code?

Jovi
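Review bot: the size sizeof(csymbol)*csym_nr handed to NEW_VECTOR directly below the new kp_printf is computed from csym_nr with no visible upper bound or overflow check; if csym_nr is read from the loaded script image, clamp it to a sane maximum (or check the product does not wrap) before allocating, since the printed value 10 for a script with no cdef shows the count does not come from what the user wrote. The kp_printf itself is a debugging aid and should be dropped before anything from this diff lands.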
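One check worth running on an oops like the one above, as an added example that is not part of this mail or of ktap: parse the register dump and ask whether the faulting address (CR2) is a plausible kernel pointer, which other registers hold the same value, and whether its bytes spell printable ASCII. For this oops CR2 equals R12 and decodes to the string "void", which suggests kmem_cache_alloc_trace dereferenced string data where a pointer should have been, consistent with the memory corruption suspected above. The log excerpt is a constructed copy of the relevant register lines.

```python
import re

# Constructed copy of the register lines from the oops quoted in this mail.
OOPS = """\
[ 506.334011] RIP: 0010:[<ffffffff8117e774>] [<ffffffff8117e774>] kmem_cache_alloc_trace+0x74/0x150
[ 506.334011] RAX: 0000000000000000 RBX: 0000000000000010 RCX: 0000000000000000
[ 506.334011] RDX: 000000000000376a RSI: 0000000000000002 RDI: ffff8800797e2000
[ 506.334011] RBP: ffff880067a97b48 R08: 0000000000016a00 R09: ffffffffa0060410
[ 506.334011] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000064696f76
[ 506.334011] R13: 00000000000080d0 R14: 00000000000004e0 R15: ffff88007d003400
[ 506.334011] CR2: 0000000064696f76 CR3: 0000000068567000 CR4: 00000000000006e0
"""

# "NAME: <16 hex digits>" fields of the x86-64 register dump (RIP is skipped
# because its value is printed in a different form).
REG_RE = re.compile(r"\b(R[A-Z0-9]{2}|CR[0-9]): ([0-9a-f]{16})\b")

def parse_registers(text):
    """Map register name -> integer value for every dumped register."""
    return {m.group(1): int(m.group(2), 16) for m in REG_RE.finditer(text)}

def as_ascii(value):
    """Read value as little-endian bytes (unused high zero bytes dropped) and
    return the text if it is printable ASCII of 3+ characters, else None."""
    raw = value.to_bytes(8, "little").rstrip(b"\x00")
    if len(raw) >= 3 and all(0x20 <= b < 0x7f for b in raw):
        return raw.decode("ascii")
    return None

def is_kernel_ptr(value):
    """True for addresses in the x86-64 kernel half of the address space."""
    return value >= 0xffff800000000000

def analyse_fault(text):
    """Describe the faulting address (CR2): plausible kernel pointer or not,
    which registers hold the same value, and whether it spells ASCII text."""
    regs = parse_registers(text)
    cr2 = regs["CR2"]
    same = sorted(n for n, v in regs.items() if n != "CR2" and v == cr2)
    return {"fault_addr": cr2, "kernel_ptr": is_kernel_ptr(cr2),
            "same_as": same, "ascii": as_ascii(cr2)}

if __name__ == "__main__":
    print(analyse_fault(OOPS))
```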