| Message ID | 168960739768.34107.15145201749042174448.stgit@devnote2 |
|---|---|
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:c923:0:b0:3e4:2afc:c1 with SMTP id j3csp1188908vqt;
Mon, 17 Jul 2023 08:41:30 -0700 (PDT)
X-Google-Smtp-Source:
APBJJlEwKrCN+vVL/9ojJjZxe1BBEMg8/Qe9fNLctuvNBZ3TBCp0QoRo8Vry9gwjjPk04h2y+dpV
X-Received: by 2002:a05:6402:7c2:b0:51d:f589:9c7a with SMTP id
u2-20020a05640207c200b0051df5899c7amr135830edy.17.1689608490700;
Mon, 17 Jul 2023 08:41:30 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1689608490; cv=none;
d=google.com; s=arc-20160816;
b=Iiv6xVDKfUTzMGbMqi4BV4DJCkaSg76Mq+WBlA8k34kZOzjYr2P8oOeSxvOwINEqbU
RcTdPw6enIS5XBatD6RPSLN8IDK4eRKGPyNxt7+5Xb8shfgz+11UQly4BPxcTJQgYg7H
OAA9pxjsdB77IcR4YcnouFqBdS6PTdbYbF1xlN4mLtUQsx1gnsfZuz9/RXzTgV+fbqFI
g/DIOesOeJ6Hv3TbWx59dwjlUtpjT5laWptATq0Qa2uAqbi4IbD/dFa3q67P6qpl8VTo
FR+Ozk3eZT4fEXZna67q5zHd/kD1/2aW//ZWGBMD1Pfu7cLXKpEo6YPlBm4incWJaBaW
iPCw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:user-agent:message-id:date:subject:cc:to:from:dkim-signature;
bh=0qNKgfhNPRTISARNJkX6WIQwQhKTjUi89C1etHM8u60=;
fh=raxTTJvC+dSJYbgfX5JG5gvrVjxTZXczN0HF8iDayLY=;
b=aXN4f+jBAadRSLA+oRo1MGF76yRLwgTJBG/zGE5MMhYPSvdmfiatf+9JR6qtx2MHZu
p3j7Y+k7m0geDH6PYgSBKLlTq7CIC+udAIgtZ8qhyT1EjTVUZ52NNERL5J35fcuBtA5O
mWOAQAGLFBRdGD75vkGveftcl9Pl7TzSigX6JR4GLMGNQRMpocJvG9rYt1r14fGokDaK
V0UDFfhvb694yHgi9Y7fZwbmldEkdc+Ot7h7VXZ8OKeMdTKGEJ42+djMl/+L2bA65ry6
YH3Dw7GdBNT6wMNVKOUmIiXxeWJyzDOXe3lv+4HJ5WZ0Etiyy6BKZ858io+Ud7lbtdB/
ka3A==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fqXZ5t4I;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
b9-20020aa7df89000000b005219c6e1c89si740145edy.15.2023.07.17.08.40.59;
Mon, 17 Jul 2023 08:41:30 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fqXZ5t4I;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S230350AbjGQPYD (ORCPT <rfc822;hadasmailinglist@gmail.com>
+ 99 others); Mon, 17 Jul 2023 11:24:03 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56806 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S231403AbjGQPYB (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Mon, 17 Jul 2023 11:24:01 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 00FE019B1;
Mon, 17 Jul 2023 08:23:43 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by dfw.source.kernel.org (Postfix) with ESMTPS id D082B60FE9;
Mon, 17 Jul 2023 15:23:22 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9639AC433C8;
Mon, 17 Jul 2023 15:23:20 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
s=k20201202; t=1689607402;
bh=gHIJLgbVp3IPB3gkGkxy/IvawUhhWSjYF4p1wpvRtLU=;
h=From:To:Cc:Subject:Date:From;
b=fqXZ5t4I+z6d4b3GWRKAdh2i6bGmPXXT/2vJMQTEpeT7hjsTxU+8QV9HJS0cQbT1A
RbscXA8m+dEco03gEfPnVgQSbTbMrxAukoOy+008DndMQz4HqGAsSFCp7voeuytUhy
MYQSAhu7EB7Pv7F4UTIaiInLZXAUmiZm1rS3iqnRpirRbEUEK7vvmJyB737eYJpjI6
4IrF7TEByeiIWHET1Vtrd2LK9ZJoAhPXfRdcStA7fcpRpVIbNAvmDSlv4tCXK1s+Gi
jhNUfvREWP3N4lvl8zkVwDMgto29ttQrybvz/kmw4d5Duc5Xah9gfUkKIdke+ugdwZ
4pPMNoRjeC4Fg==
From: "Masami Hiramatsu (Google)" <mhiramat@kernel.org>
To: linux-trace-kernel@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Steven Rostedt <rostedt@goodmis.org>,
mhiramat@kernel.org, Martin KaFai Lau <martin.lau@linux.dev>,
bpf@vger.kernel.org, Sven Schnelle <svens@linux.ibm.com>,
Alexei Starovoitov <ast@kernel.org>
Subject: [PATCH v2 0/9] tracing: Improbe BTF support on probe events
Date: Tue, 18 Jul 2023 00:23:17 +0900
Message-Id: <168960739768.34107.15145201749042174448.stgit@devnote2>
X-Mailer: git-send-email 2.25.1
User-Agent: StGit/0.19
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE
autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1771682912591314276
X-GMAIL-MSGID: 1771682912591314276
|
| Series |
tracing: Improbe BTF support on probe events
|
|
Message
Masami Hiramatsu (Google)
July 17, 2023, 3:23 p.m. UTC
Hi,
Here is the 2nd version of series to improve the BTF support on probe events.
The previous series is here:
https://lore.kernel.org/linux-trace-kernel/168699521817.528797.13179901018528120324.stgit@mhiramat.roam.corp.google.com/
In this version, I added a NULL check fix patch [1/9] (which will go to
fixes branch) and move BTF related API to kernel/bpf/btf.c [2/9] and add
a new BTF API [3/9] so that anyone can reuse it.
Also I decided to use '$retval' directly instead of 'retval' pseudo BTF
variable for field access at [5/9] because I introduced an idea to choose
function 'exit' event automatically if '$retval' is used [7/9]. With that
change, we can not use 'retval' because if a function has 'retval'
argument, we can not decide 'f func retval' is function exit or entry.
Selftest test case [8/9] and document [9/9] are also updated according to
those changes.
This series can be applied on top of "v6.5-rc2" kernel.
You can also get this series from:
git://git.kernel.org/pub/scm/linux/kernel/git/mhiramat/linux.git topic/fprobe-event-ext
Thank you,
---
Masami Hiramatsu (Google) (9):
tracing/probes: Fix to add NULL check for BTF APIs
bpf/btf: tracing: Move finding func-proto API and getting func-param API to BTF
bpf/btf: Add a function to search a member of a struct/union
tracing/probes: Support BTF based data structure field access
tracing/probes: Support BTF field access from $retval
tracing/probes: Add string type check with BTF
tracing/fprobe-event: Assume fprobe is a return event by $retval
selftests/ftrace: Add BTF fields access testcases
Documentation: tracing: Update fprobe event example with BTF field
Documentation/trace/fprobetrace.rst | 50 ++
include/linux/btf.h | 7
kernel/bpf/btf.c | 83 ++++
kernel/trace/trace_fprobe.c | 58 ++-
kernel/trace/trace_probe.c | 402 +++++++++++++++-----
kernel/trace/trace_probe.h | 12 +
.../ftrace/test.d/dynevent/add_remove_btfarg.tc | 11 +
.../ftrace/test.d/dynevent/fprobe_syntax_errors.tc | 6
8 files changed, 503 insertions(+), 126 deletions(-)
--
Masami Hiramatsu (Google) <mhiramat@kernel.org>
Comments
On 17/07/2023 16:23, Masami Hiramatsu (Google) wrote: > Hi, > > Here is the 2nd version of series to improve the BTF support on probe events. > The previous series is here: > > https://lore.kernel.org/linux-trace-kernel/168699521817.528797.13179901018528120324.stgit@mhiramat.roam.corp.google.com/ > > In this version, I added a NULL check fix patch [1/9] (which will go to > fixes branch) and move BTF related API to kernel/bpf/btf.c [2/9] and add > a new BTF API [3/9] so that anyone can reuse it. > Also I decided to use '$retval' directly instead of 'retval' pseudo BTF > variable for field access at [5/9] because I introduced an idea to choose > function 'exit' event automatically if '$retval' is used [7/9]. With that > change, we can not use 'retval' because if a function has 'retval' > argument, we can not decide 'f func retval' is function exit or entry. this is fantastic work! (FWIW I ran into the retval argument issue with ksnoop as well; I got around it by using "return" to signify the return value since as a reserved word it won't clash with a variable name. However in the trace subsystem context retval is used extensively so makes sense to stick with that). One thing we should probably figure out is a common approach to handling ambiguous static functions that will work across ftrace and BPF. A few edge cases that are worth figuring out: 1. a static function with the same name exists in multiple modules, either with different or identical function signatures 2. a static function has .isra.0 and other gcc suffixes applied to static functions during optimization As Alexei mentioned, we're still working on 1, so it would be good to figure out a naming scheme that works well in both ftrace and BPF contexts. There are a few hundred of these ambiguous functions. My reading of the fprobe docs seems to suggest that there is no mechanism to specify a specific module for a given symbol (as in ftrace filters), is that right? Jiri led a session on this topic at LSF/MM/BPF ; perhaps we should carve out some time at Plumbers to discuss this? With respect to 2, pahole v1.25 will generate representations for these "."-suffixed functions in BTF via --btf_gen_optimized [1]. (BTF representation is skipped if the optimizations impact on the registers used for function arguments; if these don't match calling conventions due to optimized-out params, we don't represent the function in BTF, as the tracing expectations are violated). However the BTF function name - in line with DWARF representation - will not have the .isra suffix. So the thing to bear in mind is if you use the function name with suffix as the fprobe function name, a BTF lookup of that exact ("foo.isra.0") name will not find anything, while a lookup of "foo" will succeed. I'll add some specifics in your patch doing the lookups, but just wanted to highlight the issue at the top-level. Thanks! Alan [1] https://lore.kernel.org/bpf/1675790102-23037-1-git-send-email-alan.maguire@oracle.com/ > Selftest test case [8/9] and document [9/9] are also updated according to > those changes. > > This series can be applied on top of "v6.5-rc2" kernel. > > You can also get this series from: > > git://git.kernel.org/pub/scm/linux/kernel/git/mhiramat/linux.git topic/fprobe-event-ext > > > Thank you, > > --- > > Masami Hiramatsu (Google) (9): > tracing/probes: Fix to add NULL check for BTF APIs > bpf/btf: tracing: Move finding func-proto API and getting func-param API to BTF > bpf/btf: Add a function to search a member of a struct/union > tracing/probes: Support BTF based data structure field access > tracing/probes: Support BTF field access from $retval > tracing/probes: Add string type check with BTF > tracing/fprobe-event: Assume fprobe is a return event by $retval > selftests/ftrace: Add BTF fields access testcases > Documentation: tracing: Update fprobe event example with BTF field > > > Documentation/trace/fprobetrace.rst | 50 ++ > include/linux/btf.h | 7 > kernel/bpf/btf.c | 83 ++++ > kernel/trace/trace_fprobe.c | 58 ++- > kernel/trace/trace_probe.c | 402 +++++++++++++++----- > kernel/trace/trace_probe.h | 12 + > .../ftrace/test.d/dynevent/add_remove_btfarg.tc | 11 + > .../ftrace/test.d/dynevent/fprobe_syntax_errors.tc | 6 > 8 files changed, 503 insertions(+), 126 deletions(-) > > -- > Masami Hiramatsu (Google) <mhiramat@kernel.org> >
On Wed, 19 Jul 2023 10:02:06 +0100 Alan Maguire <alan.maguire@oracle.com> wrote: > On 17/07/2023 16:23, Masami Hiramatsu (Google) wrote: > > Hi, > > > > Here is the 2nd version of series to improve the BTF support on probe events. > > The previous series is here: > > > > https://lore.kernel.org/linux-trace-kernel/168699521817.528797.13179901018528120324.stgit@mhiramat.roam.corp.google.com/ > > > > In this version, I added a NULL check fix patch [1/9] (which will go to > > fixes branch) and move BTF related API to kernel/bpf/btf.c [2/9] and add > > a new BTF API [3/9] so that anyone can reuse it. > > Also I decided to use '$retval' directly instead of 'retval' pseudo BTF > > variable for field access at [5/9] because I introduced an idea to choose > > function 'exit' event automatically if '$retval' is used [7/9]. With that > > change, we can not use 'retval' because if a function has 'retval' > > argument, we can not decide 'f func retval' is function exit or entry. > > this is fantastic work! (FWIW I ran into the retval argument issue with > ksnoop as well; I got around it by using "return" to signify the return > value since as a reserved word it won't clash with a variable name. > However in the trace subsystem context retval is used extensively so > makes sense to stick with that). Thanks! > > One thing we should probably figure out is a common approach to handling > ambiguous static functions that will work across ftrace and BPF. A few > edge cases that are worth figuring out: > > 1. a static function with the same name exists in multiple modules, > either with different or identical function signatures > 2. a static function has .isra.0 and other gcc suffixes applied to > static functions during optimization > > As Alexei mentioned, we're still working on 1, so it would be good > to figure out a naming scheme that works well in both ftrace and BPF > contexts. There are a few hundred of these ambiguous functions. My > reading of the fprobe docs seems to suggest that there is no mechanism > to specify a specific module for a given symbol (as in ftrace filters), > is that right? Yes, it doesn't have module specificaiton at this moment. I'll considering to fix this. BTW, for the same-name functions, we are discussing another approach. We also need to sync this with BTF. https://lore.kernel.org/all/20230714150326.1152359-1-alessandro.carminati@gmail.com/ > > Jiri led a session on this topic at LSF/MM/BPF ; perhaps we should > carve out some time at Plumbers to discuss this? Yeah, good idea. > > With respect to 2, pahole v1.25 will generate representations for these > "."-suffixed functions in BTF via --btf_gen_optimized [1]. (BTF > representation is skipped if the optimizations impact on the registers > used for function arguments; if these don't match calling conventions > due to optimized-out params, we don't represent the function in BTF, > as the tracing expectations are violated). Correct. But can't we know which argument is skipped by the optimization from the DWARF? At least the function parameters will be changed. > However the BTF function name - in line with DWARF representation - > will not have the .isra suffix. So the thing to bear in mind is if > you use the function name with suffix as the fprobe function name, > a BTF lookup of that exact ("foo.isra.0") name will not find anything, > while a lookup of "foo" will succeed. I'll add some specifics in your > patch doing the lookups, but just wanted to highlight the issue at > the top-level. So, what about adding an index sorted list of the address and BTF entry index as an expansion of the BTF? It allowed us to easily map the suffixed symbol address (we can get it from kallsyms) to BTF quickly. So the module will have [BTF data][array length][BTF index array] Index array member will be like this. struct btf_index { u32 offset; // offset from the start text u32 id: // BTF type id }; We can do binary search the function type id from the symbol address. Thank you, > > Thanks! > > Alan > > [1] > https://lore.kernel.org/bpf/1675790102-23037-1-git-send-email-alan.maguire@oracle.com/ > > > Selftest test case [8/9] and document [9/9] are also updated according to > > those changes. > > > > This series can be applied on top of "v6.5-rc2" kernel. > > > > You can also get this series from: > > > > git://git.kernel.org/pub/scm/linux/kernel/git/mhiramat/linux.git topic/fprobe-event-ext > > > > > > Thank you, > > > > --- > > > > Masami Hiramatsu (Google) (9): > > tracing/probes: Fix to add NULL check for BTF APIs > > bpf/btf: tracing: Move finding func-proto API and getting func-param API to BTF > > bpf/btf: Add a function to search a member of a struct/union > > tracing/probes: Support BTF based data structure field access > > tracing/probes: Support BTF field access from $retval > > tracing/probes: Add string type check with BTF > > tracing/fprobe-event: Assume fprobe is a return event by $retval > > selftests/ftrace: Add BTF fields access testcases > > Documentation: tracing: Update fprobe event example with BTF field > > > > > > Documentation/trace/fprobetrace.rst | 50 ++ > > include/linux/btf.h | 7 > > kernel/bpf/btf.c | 83 ++++ > > kernel/trace/trace_fprobe.c | 58 ++- > > kernel/trace/trace_probe.c | 402 +++++++++++++++----- > > kernel/trace/trace_probe.h | 12 + > > .../ftrace/test.d/dynevent/add_remove_btfarg.tc | 11 + > > .../ftrace/test.d/dynevent/fprobe_syntax_errors.tc | 6 > > 8 files changed, 503 insertions(+), 126 deletions(-) > > > > -- > > Masami Hiramatsu (Google) <mhiramat@kernel.org> > >
On 19/07/2023 17:01, Masami Hiramatsu (Google) wrote: > On Wed, 19 Jul 2023 10:02:06 +0100 > Alan Maguire <alan.maguire@oracle.com> wrote: > >> On 17/07/2023 16:23, Masami Hiramatsu (Google) wrote: >>> Hi, >>> >>> Here is the 2nd version of series to improve the BTF support on probe events. >>> The previous series is here: >>> >>> https://lore.kernel.org/linux-trace-kernel/168699521817.528797.13179901018528120324.stgit@mhiramat.roam.corp.google.com/ >>> >>> In this version, I added a NULL check fix patch [1/9] (which will go to >>> fixes branch) and move BTF related API to kernel/bpf/btf.c [2/9] and add >>> a new BTF API [3/9] so that anyone can reuse it. >>> Also I decided to use '$retval' directly instead of 'retval' pseudo BTF >>> variable for field access at [5/9] because I introduced an idea to choose >>> function 'exit' event automatically if '$retval' is used [7/9]. With that >>> change, we can not use 'retval' because if a function has 'retval' >>> argument, we can not decide 'f func retval' is function exit or entry. >> >> this is fantastic work! (FWIW I ran into the retval argument issue with >> ksnoop as well; I got around it by using "return" to signify the return >> value since as a reserved word it won't clash with a variable name. >> However in the trace subsystem context retval is used extensively so >> makes sense to stick with that). > > Thanks! > >> >> One thing we should probably figure out is a common approach to handling >> ambiguous static functions that will work across ftrace and BPF. A few >> edge cases that are worth figuring out: >> >> 1. a static function with the same name exists in multiple modules, >> either with different or identical function signatures >> 2. a static function has .isra.0 and other gcc suffixes applied to >> static functions during optimization >> >> As Alexei mentioned, we're still working on 1, so it would be good >> to figure out a naming scheme that works well in both ftrace and BPF >> contexts. There are a few hundred of these ambiguous functions. My >> reading of the fprobe docs seems to suggest that there is no mechanism >> to specify a specific module for a given symbol (as in ftrace filters), >> is that right? > > Yes, it doesn't have module specificaiton at this moment. I'll considering > to fix this. BTW, for the same-name functions, we are discussing another > approach. We also need to sync this with BTF. > > https://lore.kernel.org/all/20230714150326.1152359-1-alessandro.carminati@gmail.com/ > >> >> Jiri led a session on this topic at LSF/MM/BPF ; perhaps we should >> carve out some time at Plumbers to discuss this? > > Yeah, good idea. > >> >> With respect to 2, pahole v1.25 will generate representations for these >> "."-suffixed functions in BTF via --btf_gen_optimized [1]. (BTF >> representation is skipped if the optimizations impact on the registers >> used for function arguments; if these don't match calling conventions >> due to optimized-out params, we don't represent the function in BTF, >> as the tracing expectations are violated). > > Correct. But can't we know which argument is skipped by the optimization > from the DWARF? At least the function parameters will be changed. > Yep; we use the expected registers to spot cases where something has been optimized out. >> However the BTF function name - in line with DWARF representation - >> will not have the .isra suffix. So the thing to bear in mind is if >> you use the function name with suffix as the fprobe function name, >> a BTF lookup of that exact ("foo.isra.0") name will not find anything, >> while a lookup of "foo" will succeed. I'll add some specifics in your >> patch doing the lookups, but just wanted to highlight the issue at >> the top-level. > > So, what about adding an index sorted list of the address and BTF entry > index as an expansion of the BTF? It allowed us to easily map the suffixed > symbol address (we can get it from kallsyms) to BTF quickly. > So the module will have > > [BTF data][array length][BTF index array] > > Index array member will be like this. > > struct btf_index { > u32 offset; // offset from the start text > u32 id: // BTF type id > }; > > We can do binary search the function type id from the symbol address. > Yeah, I wonder if a representation that bridged between kallsyms and BTF might be valuable? I don't _think_ it's as much of an issue for your case though since you only need to do the BTF lookup once on fprobe setup, right? Thanks! Alan > Thank you, > >> >> Thanks! >> >> Alan >> >> [1] >> https://lore.kernel.org/bpf/1675790102-23037-1-git-send-email-alan.maguire@oracle.com/ >> >>> Selftest test case [8/9] and document [9/9] are also updated according to >>> those changes. >>> >>> This series can be applied on top of "v6.5-rc2" kernel. >>> >>> You can also get this series from: >>> >>> git://git.kernel.org/pub/scm/linux/kernel/git/mhiramat/linux.git topic/fprobe-event-ext >>> >>> >>> Thank you, >>> >>> --- >>> >>> Masami Hiramatsu (Google) (9): >>> tracing/probes: Fix to add NULL check for BTF APIs >>> bpf/btf: tracing: Move finding func-proto API and getting func-param API to BTF >>> bpf/btf: Add a function to search a member of a struct/union >>> tracing/probes: Support BTF based data structure field access >>> tracing/probes: Support BTF field access from $retval >>> tracing/probes: Add string type check with BTF >>> tracing/fprobe-event: Assume fprobe is a return event by $retval >>> selftests/ftrace: Add BTF fields access testcases >>> Documentation: tracing: Update fprobe event example with BTF field >>> >>> >>> Documentation/trace/fprobetrace.rst | 50 ++ >>> include/linux/btf.h | 7 >>> kernel/bpf/btf.c | 83 ++++ >>> kernel/trace/trace_fprobe.c | 58 ++- >>> kernel/trace/trace_probe.c | 402 +++++++++++++++----- >>> kernel/trace/trace_probe.h | 12 + >>> .../ftrace/test.d/dynevent/add_remove_btfarg.tc | 11 + >>> .../ftrace/test.d/dynevent/fprobe_syntax_errors.tc | 6 >>> 8 files changed, 503 insertions(+), 126 deletions(-) >>> >>> -- >>> Masami Hiramatsu (Google) <mhiramat@kernel.org> >>> > >
On Thu, 20 Jul 2023 22:50:18 +0100 Alan Maguire <alan.maguire@oracle.com> wrote: > >> One thing we should probably figure out is a common approach to handling > >> ambiguous static functions that will work across ftrace and BPF. A few > >> edge cases that are worth figuring out: > >> > >> 1. a static function with the same name exists in multiple modules, > >> either with different or identical function signatures > >> 2. a static function has .isra.0 and other gcc suffixes applied to > >> static functions during optimization > >> > >> As Alexei mentioned, we're still working on 1, so it would be good > >> to figure out a naming scheme that works well in both ftrace and BPF > >> contexts. There are a few hundred of these ambiguous functions. My > >> reading of the fprobe docs seems to suggest that there is no mechanism > >> to specify a specific module for a given symbol (as in ftrace filters), > >> is that right? > > > > Yes, it doesn't have module specificaiton at this moment. I'll considering > > to fix this. BTW, for the same-name functions, we are discussing another > > approach. We also need to sync this with BTF. > > > > https://lore.kernel.org/all/20230714150326.1152359-1-alessandro.carminati@gmail.com/ > > > >> > >> Jiri led a session on this topic at LSF/MM/BPF ; perhaps we should > >> carve out some time at Plumbers to discuss this? > > > > Yeah, good idea. > > > >> > >> With respect to 2, pahole v1.25 will generate representations for these > >> "."-suffixed functions in BTF via --btf_gen_optimized [1]. (BTF > >> representation is skipped if the optimizations impact on the registers > >> used for function arguments; if these don't match calling conventions > >> due to optimized-out params, we don't represent the function in BTF, > >> as the tracing expectations are violated). > > > > Correct. But can't we know which argument is skipped by the optimization > > from the DWARF? At least the function parameters will be changed. > > > > Yep; we use the expected registers to spot cases where something > has been optimized out. I guess DWARF knows which register is optimized out and then BTF also knows that? Let me update my pahole too. > >> However the BTF function name - in line with DWARF representation - > >> will not have the .isra suffix. So the thing to bear in mind is if > >> you use the function name with suffix as the fprobe function name, > >> a BTF lookup of that exact ("foo.isra.0") name will not find anything, > >> while a lookup of "foo" will succeed. I'll add some specifics in your > >> patch doing the lookups, but just wanted to highlight the issue at > >> the top-level. > > > > So, what about adding an index sorted list of the address and BTF entry > > index as an expansion of the BTF? It allowed us to easily map the suffixed > > symbol address (we can get it from kallsyms) to BTF quickly. > > So the module will have > > > > [BTF data][array length][BTF index array] > > > > Index array member will be like this. > > > > struct btf_index { > > u32 offset; // offset from the start text > > u32 id: // BTF type id > > }; > > > > We can do binary search the function type id from the symbol address. > > > > Yeah, I wonder if a representation that bridged between kallsyms and BTF > might be valuable? I don't _think_ it's as much of an issue for your > case though since you only need to do the BTF lookup once on fprobe > setup, right? Thanks! Yes, but I'm thinking fprobe to support some sort of 'symbol+offset' format to specify one of the "same-name" symbols. In that case, it is important to identify which address the BTF type is pointed. Thank you! > > Alan > > > > > Thank you, > > > >> > >> Thanks! > >> > >> Alan > >> > >> [1] > >> https://lore.kernel.org/bpf/1675790102-23037-1-git-send-email-alan.maguire@oracle.com/ > >> > >>> Selftest test case [8/9] and document [9/9] are also updated according to > >>> those changes. > >>> > >>> This series can be applied on top of "v6.5-rc2" kernel. > >>> > >>> You can also get this series from: > >>> > >>> git://git.kernel.org/pub/scm/linux/kernel/git/mhiramat/linux.git topic/fprobe-event-ext > >>> > >>> > >>> Thank you, > >>> > >>> --- > >>> > >>> Masami Hiramatsu (Google) (9): > >>> tracing/probes: Fix to add NULL check for BTF APIs > >>> bpf/btf: tracing: Move finding func-proto API and getting func-param API to BTF > >>> bpf/btf: Add a function to search a member of a struct/union > >>> tracing/probes: Support BTF based data structure field access > >>> tracing/probes: Support BTF field access from $retval > >>> tracing/probes: Add string type check with BTF > >>> tracing/fprobe-event: Assume fprobe is a return event by $retval > >>> selftests/ftrace: Add BTF fields access testcases > >>> Documentation: tracing: Update fprobe event example with BTF field > >>> > >>> > >>> Documentation/trace/fprobetrace.rst | 50 ++ > >>> include/linux/btf.h | 7 > >>> kernel/bpf/btf.c | 83 ++++ > >>> kernel/trace/trace_fprobe.c | 58 ++- > >>> kernel/trace/trace_probe.c | 402 +++++++++++++++----- > >>> kernel/trace/trace_probe.h | 12 + > >>> .../ftrace/test.d/dynevent/add_remove_btfarg.tc | 11 + > >>> .../ftrace/test.d/dynevent/fprobe_syntax_errors.tc | 6 > >>> 8 files changed, 503 insertions(+), 126 deletions(-) > >>> > >>> -- > >>> Masami Hiramatsu (Google) <mhiramat@kernel.org> > >>> > > > >