From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: Masami Hiramatsu <mhiramat@redhat.com>
Cc: linux-kernel <linux-kernel@vger.kernel.org>, systemtap@sourceware.org
Subject: Re: [RFC] systemtap: begin the process of using proper kernel APIs (part1: use kprobe symbol_name/offset instead of address)
Date: Wed, 16 Jul 2008 20:49:51 -0500 [thread overview]
Message-ID: <1216259391.3358.85.camel@localhost.localdomain> (raw)
In-Reply-To: <487E8CE4.70105@redhat.com>
On Wed, 2008-07-16 at 20:05 -0400, Masami Hiramatsu wrote:
> James Bottomley wrote:
> > On Wed, 2008-07-16 at 18:40 -0400, Masami Hiramatsu wrote:
> >> James Bottomley wrote:
> >>> One of the big nasties of systemtap is the way it tries to embed
> >>> virtually the entirety of the kernel symbol table in the probe modules
> >>> it constructs. This is highly undesirable because it represents a
> >>> subversion of the kernel API to gain access to unexported symbols. At
> >>> least for kprobes, the correct way to do this is to specify the probe
> >>> point by symbol and offset.
> >>>
> >>> This patch converts systemtap to use the correct kprobe
> >>> symbol_name/offset pair to identify the probe location.
> >> Hi James,
> >>
> >> I think your suggestion is a good step. Of course, it might
> >> have to solve some issues.
> >>
> >> Unfortunately, current kprobe's symbol_name interface is not
> >> so clever. For example, if you specify a static function
> >> which is defined at several places in the kernel(ex. do_open),
> >> it always pick up the first one in kallsyms, even if systemtap
> >> can find all of those functions.
> >> (you can find many duplicated symbols in /proc/kallsyms)
> >
> > Right, but realistically only functions which have a strict existence
> > (i.e. those for whom an address could be taken) can be used; functions
> > which are fully inlined (as in have no separate existence) can't.
> > That's why the patch finds the closest function with an address to match
> > on.
>
> Sure, inlined functions are embedded in a caller function, so the
> closest function is the correct owner.
>
> However, I meant local-scope functions can have same name if
> they are defined in different scope. And even though, both of
> them are shown in kallsyms. This mean, you can see the functions
> which have real different existence but have same symbol.
>
> Would you mean systemtap should not probe those name-conflicted
> functions?
Actually, I wasn't aware we had any.
> >> So, we might better improve kallsyms to treat this case
> >> and find what is a better way to specify symbols and addresses.
> >
> > Well, both the dwarf and the kallsyms know which are the functions that
> > have a real existence, so the tool can work it out. It has a real
> > meaning too because the chosen symbol must be the parent routine of all
> > the nested inlines.
>
> Hmm, here is what I got with your patch;
> $ stap --kelf -e 'probe kernel.function("do_open"){}' -p2
> # probes
> kernel.function("do_open@arch/x86/kernel/apm_32.c:1557") /* pc=<do_open+0x0> */ /* <- kernel.function("do_open") */
> kernel.function("do_open@fs/block_dev.c:928") /* pc=<do_open+0x0> */ /* <- kernel.function("do_open") */
> kernel.function("do_open@fs/nfsctl.c:24") /* pc=<sys_nfsservctl+0x55> */ /* <- kernel.function("do_open") */
> kernel.function("do_open@ipc/mqueue.c:630") /* pc=<do_open+0x0> */ /* <- kernel.function("do_open") */
>
> Without your patch;
> $ stap -e 'probe kernel.function("do_open"){}' -p2
> # probes
> kernel.function("do_open@arch/x86/kernel/apm_32.c:1557") /* pc=0x10382 */ /* <- kernel.function("do_open") */
> kernel.function("do_open@fs/block_dev.c:928") /* pc=0xa0750 */ /* <- kernel.function("do_open") */
> kernel.function("do_open@fs/nfsctl.c:24") /* pc=0xa6411 */ /* <- kernel.function("do_open") */
> kernel.function("do_open@ipc/mqueue.c:630") /* pc=0xc55a6 */ /* <- kernel.function("do_open") */
>
> Obviously, the 3rd "do_open" is fully inlined, so it can be
> correctly handled by kprobes, because it has different
> symbol(sys_nfsservctl). However, other "do_open" have
> same symbol(do_open). these will be put on same
> address (at the first symbol on kallsyms list).
>
> So, we need a bridge for the gap of function addresses
> between kallsyms and dwarf.
You mean this particular problem:
hobholes:/home/jejb/git/BUILD-2.6# grep do_open /proc/kallsyms
c01af160 t do_open
c01d5d40 t do_open
It's certainly a material defect in the current API. I'll think about
it and see if I can come up with a solution.
> [...]
> >> Could we provide a separated GPL'd interface to access named global
> >> symbols which is based on kallsyms?
> >
> > Yes, I think so ... it's just a case of working out what and how; but to
> > do that we need a consumer of the interface.
>
> I agree with you, we need to change both of systemtap and kernel.
>
> Thank you,
You're welcome.
James
next prev parent reply other threads:[~2008-07-17 1:50 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-15 18:33 [RFC] systemtap: begin the process of using proper kernel APIs (part1: use kprobe symbol_name/offset instead of address) James Bottomley
2008-07-16 22:40 ` Masami Hiramatsu
2008-07-16 23:03 ` James Bottomley
2008-07-17 0:05 ` Masami Hiramatsu
2008-07-17 1:49 ` James Bottomley [this message]
2008-07-17 14:18 ` James Bottomley
2008-07-17 16:58 ` James Bottomley
2008-07-17 21:36 ` Masami Hiramatsu
2008-07-17 22:03 ` James Bottomley
2008-07-21 14:20 ` James Bottomley
[not found] ` <1216313914.5515.25.camel__21144.9282979176$1216314027$gmane$org@localhost.localdomain>
2008-07-17 18:30 ` Frank Ch. Eigler
2008-07-17 20:12 ` James Bottomley
2008-07-17 20:26 ` Frank Ch. Eigler
2008-07-17 21:06 ` James Bottomley
2008-07-17 21:33 ` Frank Ch. Eigler
2008-07-17 22:03 ` Masami Hiramatsu
2008-07-22 18:00 ` Rik van Riel
2008-07-22 18:11 ` Frank Ch. Eigler
2008-07-22 18:31 ` Peter Zijlstra
[not found] ` <1216751477.7257.115.camel__19834.5970632092$1216751567$gmane$org@twins>
2008-07-22 18:48 ` Frank Ch. Eigler
2008-07-23 15:04 ` systemtap & backward compatibility, was Re: [RFC] systemtap: begin the process of using proper kernel APIs Frank Ch. Eigler
2008-07-23 15:28 ` Arjan van de Ven
2008-07-23 15:33 ` Peter Zijlstra
2008-07-23 20:25 ` Masami Hiramatsu
[not found] ` <20080723082856.334f9c17__2909.60763018138$1216827051$gmane$org@infradead.org>
2008-07-23 16:41 ` Frank Ch. Eigler
2008-07-23 16:54 ` Adrian Bunk
2008-07-23 17:34 ` Frank Ch. Eigler
2008-07-23 18:40 ` Adrian Bunk
2008-07-23 22:12 ` Masami Hiramatsu
2008-07-18 9:11 ` [RFC] systemtap: begin the process of using proper kernel APIs (part1: use kprobe symbol_name/offset instead of address) Andi Kleen
2008-07-18 9:23 ` Peter Zijlstra
2008-07-18 10:31 ` Andi Kleen
2008-07-18 10:44 ` Peter Zijlstra
2008-07-18 10:52 ` Andi Kleen
2008-07-18 13:02 ` Frank Ch. Eigler
2008-07-18 13:07 ` Andi Kleen
2008-07-18 13:10 ` Peter Zijlstra
2008-07-18 13:28 ` Frank Ch. Eigler
2008-07-18 13:35 ` Andi Kleen
2008-07-18 13:21 ` James Bottomley
2008-07-18 13:37 ` Frank Ch. Eigler
[not found] <1216146802.3312.95.camel__45052.4692344063$1216146917$gmane$org@localhost.localdomain>
2008-07-15 19:41 ` Frank Ch. Eigler
2008-07-15 19:52 ` James Bottomley
2008-07-15 20:07 ` Frank Ch. Eigler
2008-07-15 20:24 ` James Bottomley
2008-07-15 22:18 ` Frank Ch. Eigler
2008-07-16 2:06 ` James Bottomley
2008-07-16 10:56 ` Frank Ch. Eigler
2008-07-16 14:56 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1216259391.3358.85.camel@localhost.localdomain \
--to=james.bottomley@hansenpartnership.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mhiramat@redhat.com \
--cc=systemtap@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox