After receiving quite a few reports from users of www.frida.re of kernel panic upon attaching the second time to a process, I finally got around to debugging the kernel to figure out what was going on. First, a little background. Frida hooks function calls by rewriting the function’s prologue in memory. In order to do so it has to make the containing memory page writable, patch the code, and later