Widely used in various types of software, on-line patches are patches that take effect while a program is running, without restarting it. Referring to FIG. 1, the basic principle for activating an on-line patch is to replace the instruction at the entry of an original function (namely, a to-be-patched function) with a jump instruction, so that a program invoking the original function is redirected by that jump instruction to a patch function for execution. With the wide application of the Linux X86 system in the telecommunication field, application software on the Linux system also needs to be patched on-line. However, due to the characteristics of the X86 instruction set and the scheduling mode of Linux, activating a patch by simply modifying the instruction at the entry of the replaced function into a jump instruction is not entirely reliable and cannot satisfy the reliability requirements of telecommunications software.
Referring to FIG. 2, in the Linux X86 system an unconditional jump instruction occupies five bytes, so in most cases three instructions at the entry of the original function are overwritten when an on-line patch is activated; the five-byte segment occupied by those three instructions in the original function is referred to as the critical segment. If the instructions at the entry of the original function are directly replaced with a jump instruction when the patch is activated, and the process has plural threads, a thread switch may occur precisely while a certain thread is executing inside the critical segment (when it has executed up to the first or second instruction, for instance). If the on-line patch is activated at this time, the program will behave abnormally after the thread is switched back, because the code of the critical segment of the original function has been overwritten by the new jump instruction.
The Pannus patching technology is usually employed in the prior art. It specifically includes the following processes:
    (1) suspending the process of the original function by using the function ptrace;
    (2) checking whether the values of the extended instruction pointers (EIP) of all threads of the original function are in the critical segment;
    (3) writing a jump instruction at the entry of a patch function if none of the EIP values of the threads is in the critical segment, and resuming execution of the process;
    (4) resuming execution of the process for a period of time if the EIP value of any thread is in the critical segment, and then suspending the process again for another check; and
    (5) returning a patch activation failure if the patch still cannot be activated after several rounds of checks (10 rounds, for instance; the number is configurable).
Since the Pannus patching technology first suspends the process of the original function and then checks whether the EIP values of all threads are in the critical segment, the program abnormality caused by writing the jump directly can be avoided to a certain extent.
However, in the process of implementing the present invention, the inventors found the following problem in the prior art:
since only the EIP value of the current thread is checked prior to replacing the function, once there is a thread in the signal processing function, and the return address of the signal is in the critical segment, there will be a program error when the thread returns after executing the signal processing function, because the critical segment has already been overwritten by the jump instruction. Accordingly, security and reliability in activating patches still cannot be guaranteed by this prior art technical solution.
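The gap described above can be shown with a small model, added here as an illustration and not taken from the patent or from the Pannus code. The `thread_state` structure, its field names, the function names and the addresses are assumptions constructed for the example; a real tool would fill them from ptrace register reads and the saved signal frame.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define JMP_LEN 5u          /* bytes overwritten by the unconditional jump */
#define ENTRY   0x08048400u /* constructed entry address of the original function */

/* Constructed model of one suspended thread (not a real ptrace structure). */
struct thread_state {
    uint32_t eip;            /* current instruction pointer */
    bool     in_signal;      /* thread is executing a signal processing function */
    uint32_t sig_return_eip; /* return address of the signal, valid if in_signal */
};

/* Constructed sample: thread 1 was interrupted at ENTRY+1 and is now in a handler. */
static const struct thread_state sample[] = {
    { 0x08048520u, false, 0 },
    { 0x0804a000u, true,  ENTRY + 1 },
};

/* True if addr lies inside the critical segment [entry, entry + JMP_LEN). */
static bool in_critical_segment(uint32_t entry, uint32_t addr)
{
    return addr >= entry && addr - entry < JMP_LEN;
}

/* Step (2) as described: only the EIP value of each thread is examined. */
bool eip_only_check_passes(uint32_t entry, const struct thread_state *t, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (in_critical_segment(entry, t[i].eip))
            return false;
    return true;
}

/* The missed case: a signal handler that will return into the critical segment. */
bool signal_return_in_segment(uint32_t entry, const struct thread_state *t, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (t[i].in_signal && in_critical_segment(entry, t[i].sig_return_eip))
            return true;
    return false;
}

/* Exit status 0 when the sample reproduces the gap: check passes, yet unsafe. */
int main(void)
{
    return (eip_only_check_passes(ENTRY, sample, 2) &&
            signal_return_in_segment(ENTRY, sample, 2)) ? 0 : 1;
}
```

On the constructed sample the EIP-only check reports that patching is safe, while the second function shows a pending signal return into the bytes about to be overwritten.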