Troubleshooting
Problem
There is a potential Solaris kernel reboot when running Dtrace Application and Guardium STAP on the same Solaris server.
Reboot happens when these conditions are met.
1. Guardium STAP installed
2. Dtrace running
3. Reboot triggers if STAP tried to hook when Dtrace is running.
2. Dtrace running
3. Reboot triggers if STAP tried to hook when Dtrace is running.
Symptom
Operating System crash
Cause
When Dtrace script runs, it will hook the system calls, and unhook after the script is done. If the Dtrace script was running when STAP first starts, it will cause a conflict since both hook the system calls. This will cause system panic.
Environment
This problem is caused on Solaris system running Dtrace application.
Diagnosing The Problem
Crash is caused by stack overflow.
Resolving The Problem
To avoid this issue, when STAP starts, Dtrace User Application should not be running.
In case Dtrace User Application is running when STAP starts, STAP will generate a CONF_ERROR:
May 15 11:51:19 sol113spct ktap_108717: [ID 302146 kern.notice] Unhook_calls: can't restore system calls, addresses mismatch
May 15 11:51:19 sol113spct ktap_108717: [ID 767152 kern.notice] 15765 (v 108717) GUARD-02: ktap_stap_ioctl: unhook failed... returning (line 6390)
May 15 11:51:19 sol113spct guard_tap[15765]: [ID 748625 user.alert] 2020.05.15 11:51:19 GT_INTERCEPT failed: Bad address
May 15 11:51:19 sol113spct ktap_108717: [ID 767152 kern.notice] 15765 (v 108717) GUARD-02: ktap_stap_ioctl: unhook failed... returning (line 6390)
May 15 11:51:19 sol113spct guard_tap[15765]: [ID 748625 user.alert] 2020.05.15 11:51:19 GT_INTERCEPT failed: Bad address
User must stop Dtrace Application and restart STAP to fix this CONF_ERROR.
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m0z0000001h07AAA","label":"STAP->K-TAP"}],"ARM Case Number":"","Platform":[{"code":"PF027","label":"Solaris"}],"Version":"All Version(s)","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
21 May 2020
UID
ibm16213268