Section #2. Kernel Probes

Kernel probes can intrude into a kernel function and extract debug information or apply a medicated patch. They are a useful addition to your debugging repertoire for investigating inexplicable behavior at a customer site, especially when you don’t have the luxury of rebooting the system. Linux supports a generic form of kernel probes called Kprobes and two specialized variants, Jprobes and return probes.

Kprobes

Kprobes can save you the trouble of building and booting a debug kernel by providing capabilities to dynamically dump kernel data structures or insert code into a running kernel. You can, for example, add a few printks on the fly inside the scheduler without recompiling the kernel. You can even ...
