On Tue, May 12, 2026 at 10:07 AM Jiri Olsa <[email protected]> wrote: > > + /* > + * We have nop10 (with first byte overwritten to int3), > + * change it to: > + * lea 0x80(%rsp), %rsp > + * call tramp > + * > + * The first lea instruction skips the stack redzone so the call > + * instruction can safely push return address on stack. > + */
typo: lea -128(%rsp), %rsp you can also do: add $-128, %rsp + call tramp = 4 + 5 = 9 bytes instead of 10. Initially I didn't like this approach, since we just introduced usdt nop5 and now need to recompile everything again, but looking at the fix it's definitely simpler than alternatives and doesn't have annoying limitations.
