Re: [PATCH V4 05/13] perf/x86: Add perf text poke events for kprobes

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Masami Hiramatsu <mhiramat@kernel.org>
To: Peter Zijlstra <peterz@infradead.org>
Cc: Adrian Hunter <adrian.hunter@intel.com>,
	Ingo Molnar <mingo@redhat.com>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Steven Rostedt <rostedt@goodmis.org>,
	Borislav Petkov <bp@alien8.de>, "H . Peter Anvin" <hpa@zytor.com>,
	x86@kernel.org, Mark Rutland <mark.rutland@arm.com>,
	Alexander Shishkin <alexander.shishkin@linux.intel.com>,
	Mathieu Poirier <mathieu.poirier@linaro.org>,
	Leo Yan <leo.yan@linaro.org>,
	Arnaldo Carvalho de Melo <acme@kernel.org>,
	Jiri Olsa <jolsa@redhat.com>,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH V4 05/13] perf/x86: Add perf text poke events for kprobes
Date: Thu, 26 Mar 2020 10:58:05 +0900	[thread overview]
Message-ID: <20200326105805.0723cd10325ad301de061743@kernel.org> (raw)
In-Reply-To: <20200324122150.GN20696@hirez.programming.kicks-ass.net>

On Tue, 24 Mar 2020 13:21:50 +0100
Peter Zijlstra <peterz@infradead.org> wrote:

> We optimize only after having already installed a regular probe, that
> is, what we're actually doing here is replacing INT3 with a JMP.d32. But
> the above will make it appear as if we're replacing the original text
> with a JMP.d32. Which doesn't make sense, since we've already poked an
> INT3 there and that poke will have had a corresponding
> perf_event_text_poke(), right? (except you didn't, see below)
> 
> At this point we'll already have constructed the optprobe trampoline,
> which contains however much of the original instruction (in whole) as
> will be overwritten by our 5 byte JMP.d32. And IIUC, we'll have a
> perf_event_text_poke() event for the whole of that already -- except I
> can't find that in the patches (again, see below).

Thanks Peter to point it out.

> 
> > @@ -454,9 +463,16 @@ void arch_optimize_kprobes(struct list_head *oplist)
> >   */
> >  void arch_unoptimize_kprobe(struct optimized_kprobe *op)
> >  {
> > +	u8 old[POKE_MAX_OPCODE_SIZE];
> > +	u8 new[POKE_MAX_OPCODE_SIZE] = { op->kp.opcode, };
> > +	size_t len = INT3_INSN_SIZE + DISP32_SIZE;
> > +
> > +	memcpy(old, op->kp.addr, len);
> >  	arch_arm_kprobe(&op->kp);
> >  	text_poke(op->kp.addr + INT3_INSN_SIZE,
> >  		  op->optinsn.copied_insn, DISP32_SIZE);
> > +	memcpy(new + INT3_INSN_SIZE, op->optinsn.copied_insn, DISP32_SIZE);
> 
> And then this is 'wrong' too. You've not written the original
> instruction, you've just written an INT3.
> 
> > +	perf_event_text_poke(op->kp.addr, old, len, new, len);
> >  	text_poke_sync();
> >  }
> 
> 
> So how about something like the below, with it you'll get 6 text_poke
> events:
> 
> 1:  old0 -> INT3
> 
>   // kprobe active
> 
> 2:  NULL -> optprobe_trampoline
> 3:  INT3,old1,old2,old3,old4 -> JMP32
> 
>   // optprobe active
> 
> 4:  JMP32 -> INT3,old1,old2,old3,old4
> 5:  optprobe_trampoline -> NULL
> 
>   // kprobe active
> 
> 6:  INT3 -> old0
> 
> 
> 
> Masami, did I get this all right?

Yes, you understand correctly. And there is also boosted kprobe
which runs probe.ainsn.insn directly and jump back to old place.
I guess it will also disturb Intel PT.

0:  NULL -> probe.ainsn.insn (if ainsn.boostable && !kp.post_handler)

> 1:  old0 -> INT3
> 
  // boosted kprobe active
> 
> 2:  NULL -> optprobe_trampoline
> 3:  INT3,old1,old2,old3,old4 -> JMP32
> 
>   // optprobe active
> 
> 4:  JMP32 -> INT3,old1,old2,old3,old4

   // optprobe disabled and kprobe active (this sometimes goes back to 3)

> 5:  optprobe_trampoline -> NULL
> 
  // boosted kprobe active
> 
> 6:  INT3 -> old0

7:  probe.ainsn.insn -> NULL (if ainsn.boostable && !kp.post_handler)

So you'll get 8 events in max.

Adrian, would you also need to trace the buffer which is used for
single stepping? If so, as you did, we need to trace p->ainsn.insn
always.

Thank you,

-- 
Masami Hiramatsu <mhiramat@kernel.org>

next prev parent reply	other threads:[~2020-03-26  1:58 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-03-04  9:06 [PATCH V4 00/13] perf/x86: Add perf text poke events Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 01/13] perf: Add perf text poke event Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 02/13] perf/x86: Add support for perf text poke event for text_poke_bp_batch() callers Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 03/13] kprobes: Add symbols for kprobe insn pages Adrian Hunter
2020-03-05  5:58   ` Masami Hiramatsu
2020-03-05  6:10     ` Alexei Starovoitov
2020-03-05  9:04       ` Masami Hiramatsu
2020-03-24 12:31   ` Peter Zijlstra
2020-03-24 12:54     ` Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 04/13] kprobes: Add perf ksymbol events " Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 05/13] perf/x86: Add perf text poke events for kprobes Adrian Hunter
2020-03-24 12:21   ` Peter Zijlstra
2020-03-26  1:58     ` Masami Hiramatsu [this message]
2020-03-26  7:42       ` Adrian Hunter
2020-03-27  8:36         ` [PATCH V5 " Adrian Hunter
2020-03-31 23:44           ` Masami Hiramatsu
2020-04-01 10:13           ` Peter Zijlstra
2020-03-04  9:06 ` [PATCH V4 06/13] ftrace: Add symbols for ftrace trampolines Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 07/13] ftrace: Add perf ksymbol events " Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 08/13] ftrace: Add perf text poke " Adrian Hunter
2020-04-01 10:09   ` Peter Zijlstra
2020-04-01 10:42     ` Adrian Hunter
2020-04-01 11:14       ` Peter Zijlstra
2020-03-04  9:06 ` [PATCH V4 09/13] perf kcore_copy: Fix module map when there are no modules loaded Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 10/13] perf evlist: Disable 'immediate' events last Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 11/13] perf tools: Add support for PERF_RECORD_TEXT_POKE Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 12/13] perf tools: Add support for PERF_RECORD_KSYMBOL_TYPE_OOL Adrian Hunter
2020-03-04  9:06 ` [PATCH V4 13/13] perf intel-pt: Add support for text poke events Adrian Hunter
2020-03-16  7:07 ` [PATCH V4 00/13] perf/x86: Add perf " Adrian Hunter
2020-03-24  9:29   ` Adrian Hunter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200326105805.0723cd10325ad301de061743@kernel.org \
    --to=mhiramat@kernel.org \
    --cc=acme@kernel.org \
    --cc=adrian.hunter@intel.com \
    --cc=alexander.shishkin@linux.intel.com \
    --cc=bp@alien8.de \
    --cc=hpa@zytor.com \
    --cc=jolsa@redhat.com \
    --cc=leo.yan@linaro.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mark.rutland@arm.com \
    --cc=mathieu.poirier@linaro.org \
    --cc=mingo@redhat.com \
    --cc=peterz@infradead.org \
    --cc=rostedt@goodmis.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox