[1/1] perf trace: Use heuristic when deciding if a syscall tracepoint "const char *" field is really a string
| Message ID | ZN5lrdeEdSMCn7hk@kernel.org |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b82d:0:b0:3f2:4152:657d with SMTP id z13csp2061139vqi;
Sat, 19 Aug 2023 07:53:52 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IFkSl1clkaCMDOhFCtWhTYI9ZAPxGHwfltENakGD4TCp4QKhwXqmFpraxU16DgJ9Ep3drO/
X-Received: by 2002:a25:6804:0:b0:d12:29c8:782a with SMTP id
d4-20020a256804000000b00d1229c8782amr2256093ybc.61.1692456832780;
Sat, 19 Aug 2023 07:53:52 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1692456832; cv=none;
d=google.com; s=arc-20160816;
b=uqkDI2387Is9TvsMavdv5kjeNw+k+bwCbtPSqQSJ3H0PLiGeid+ZPDDzw+gRRuuTv+
WYaiNMUCujtSAGCOTB1JT/2gCfEjzo+IMEb58O+oaUgWnakjoHE+Sye+E8b6tvrBds01
1EMBtFZfiPKXUXdGQKQ8limPttVd7a1eldO3oXbicDGuDLqFYP+bvNGTwmQuY8qSkexO
oh4W4Caylm3592j+IzlTKp+TT5N2UcWv1DrZ0ZnQQLVJ8AwxRm94FdB4AbQ6Z2U8EOQX
Eb6VE+VLgo77R/llSZ41AJHcFZWHbg29Qqfu8Fh/hp3Vu7XhBeDQvHjk1p4aglHGbWCB
fALw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-disposition:mime-version:message-id
:subject:cc:to:from:date:dkim-signature;
bh=VKAhyjzIidCkaae8YJDzdW/CH0Ucamvlv0jZZp3q0us=;
fh=u0qByi7EvPkmzLrtlxARjP9LeKpyC9hbZiKRf5U++OM=;
b=tNUF6w+OIwIt0yqMZX1IdFjFCeIuCDCwCR44/OwltapX6lJn+aJiWjPLX8oBOfBLKd
NO2s+WeAxy5TG1dnLiYNDwtS61XKcn6Z9HT5rrQdiyWYysuQwngZVA3B44CDPiudEim6
L/VCtqIVeBx0InhlQUnlzrPVZmBdszORqfWuZa5pe/8ifWa3mU+6nrsXwN9ZiTwgZPKN
kKl90SWdguYknezewvraiKdkkt6Ldu0ra0mI2nhdMYxbLclck2zO732aR1YZ031UziPI
oBP54Q4jlSr87wNOk1i3++/nRzt04iqbkRWIPXAx35G1hXHOIK2ZbnEasMRAtQ0k2Msk
T7Pw==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ivwoZIfl;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:18 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net.
[2620:137:e000::1:18])
by mx.google.com with ESMTPS id
n66-20020a632745000000b00565e8d041f5si3654910pgn.226.2023.08.19.07.53.52
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Sat, 19 Aug 2023 07:53:52 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:18 as permitted sender)
client-ip=2620:137:e000::1:18;
Authentication-Results: mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ivwoZIfl;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:18 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
by lindbergh.monkeyblade.net (Postfix) with ESMTP id D603DD44CA;
Sat, 19 Aug 2023 01:45:20 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S1353882AbjHQSZn (ORCPT <rfc822;shaohuahua6@gmail.com>
+ 99 others); Thu, 17 Aug 2023 14:25:43 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49614 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S1354539AbjHQSZQ (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Thu, 17 Aug 2023 14:25:16 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2F4113C11
for <linux-kernel@vger.kernel.org>;
Thu, 17 Aug 2023 11:24:45 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits))
(No client certificate requested)
by dfw.source.kernel.org (Postfix) with ESMTPS id EBB7464E97
for <linux-kernel@vger.kernel.org>;
Thu, 17 Aug 2023 18:23:44 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0FECEC433C7;
Thu, 17 Aug 2023 18:23:44 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
s=k20201202; t=1692296624;
bh=f5ptGtZ/YpXtDqus4xfoEV65ews+Fja02Yil5w3snuA=;
h=Date:From:To:Cc:Subject:From;
b=ivwoZIfl3uUPq8IRMK8Ypt/YDj0SBGkEMppQln56UfPVMhvdwCoEj/F6dm96XQZm2
tjduUHGUljtnpuUM/hOHR4+R1u9K/g0BcSo0c8geobQjXI/9KIYyljRUcDobA+UpVL
69LeK0I4khQMuGnXwfYU3tyug3xjd3PHb4Ps5JSheLz0tjORPMNAOC/Kdv4kYGDXF6
XRDGpgqbMfx8PHnZDAFEUGg3Ul3iOo3FWrt3mcHC3sY/qBQixxKa8OWwB+u+Y5T94z
xQQrtG21YnzXL4Ol0z4WUZJCJQNGuxojasThhmjagjACVWcgmy1ZeMG+if4DsriHiq
nVoaW5HTsYdkQ==
Received: by quaco.ghostprotocols.net (Postfix, from userid 1000)
id 534B3404DF; Thu, 17 Aug 2023 15:23:41 -0300 (-03)
Date: Thu, 17 Aug 2023 15:23:41 -0300
From: Arnaldo Carvalho de Melo <acme@kernel.org>
To: Namhyung Kim <namhyung@kernel.org>
Cc: Adrian Hunter <adrian.hunter@intel.com>,
Alan Maguire <alan.maguire@oracle.com>,
Ian Rogers <irogers@google.com>, Jiri Olsa <jolsa@kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: [PATCH 1/1] perf trace: Use heuristic when deciding if a syscall
tracepoint "const char *" field is really a string
Message-ID: <ZN5lrdeEdSMCn7hk@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1774669615802053765
X-GMAIL-MSGID: 1774669615802053765
|
| Series |
[1/1] perf trace: Use heuristic when deciding if a syscall tracepoint "const char *" field is really a string
|
|
Commit Message
Arnaldo Carvalho de Melo
Aug. 17, 2023, 6:23 p.m. UTC
'perf trace' tries to find BPF progs associated with a syscall that have
a signature that is similar to syscalls without one to try and reuse,
so, for instance, the 'open' signature can be reused with many other
syscalls that have as its first arg a string.
It uses the tracefs events format file for finding a signature that can
be reused, but then comes the "write" syscall with its second argument
as a "const char *":
# cat /sys/kernel/debug/tracing/events/syscalls/sys_enter_write/format
name: sys_enter_write
ID: 746
format:
field:unsigned short common_type; offset:0; size:2; signed:0;
field:unsigned char common_flags; offset:2; size:1; signed:0;
field:unsigned char common_preempt_count; offset:3; size:1; signed:0;
field:int common_pid; offset:4; size:4; signed:1;
field:int __syscall_nr; offset:8; size:4; signed:1;
field:unsigned int fd; offset:16; size:8; signed:0;
field:const char * buf; offset:24; size:8; signed:0;
field:size_t count; offset:32; size:8; signed:0;
print fmt: "fd: 0x%08lx, buf: 0x%08lx, count: 0x%08lx", ((unsigned long)(REC->fd)), ((unsigned long)(REC->buf)), ((unsigned long)(REC->count))
#
Which isn't a string (the man page for glibc has buf as "void *"), so we
have to use the name of the argument as an heuristic, to consider a
string just args that are "const char *" and that have in its name the
"path", "file", etc substrings.
With that now it reuses:
[root@quaco ~]# perf trace -v --max-events=1 |& grep Reus
Reusing "open" BPF sys_enter augmenter for "stat"
Reusing "open" BPF sys_enter augmenter for "lstat"
Reusing "open" BPF sys_enter augmenter for "access"
Reusing "connect" BPF sys_enter augmenter for "accept"
Reusing "sendto" BPF sys_enter augmenter for "recvfrom"
Reusing "connect" BPF sys_enter augmenter for "bind"
Reusing "connect" BPF sys_enter augmenter for "getsockname"
Reusing "connect" BPF sys_enter augmenter for "getpeername"
Reusing "open" BPF sys_enter augmenter for "execve"
Reusing "open" BPF sys_enter augmenter for "truncate"
Reusing "open" BPF sys_enter augmenter for "chdir"
Reusing "open" BPF sys_enter augmenter for "mkdir"
Reusing "open" BPF sys_enter augmenter for "rmdir"
Reusing "open" BPF sys_enter augmenter for "creat"
Reusing "open" BPF sys_enter augmenter for "link"
Reusing "open" BPF sys_enter augmenter for "unlink"
Reusing "open" BPF sys_enter augmenter for "symlink"
Reusing "open" BPF sys_enter augmenter for "readlink"
Reusing "open" BPF sys_enter augmenter for "chmod"
Reusing "open" BPF sys_enter augmenter for "chown"
Reusing "open" BPF sys_enter augmenter for "lchown"
Reusing "open" BPF sys_enter augmenter for "mknod"
Reusing "open" BPF sys_enter augmenter for "statfs"
Reusing "open" BPF sys_enter augmenter for "pivot_root"
Reusing "open" BPF sys_enter augmenter for "chroot"
Reusing "open" BPF sys_enter augmenter for "acct"
Reusing "open" BPF sys_enter augmenter for "swapon"
Reusing "open" BPF sys_enter augmenter for "swapoff"
Reusing "open" BPF sys_enter augmenter for "delete_module"
Reusing "open" BPF sys_enter augmenter for "setxattr"
Reusing "open" BPF sys_enter augmenter for "lsetxattr"
Reusing "openat" BPF sys_enter augmenter for "fsetxattr"
Reusing "open" BPF sys_enter augmenter for "getxattr"
Reusing "open" BPF sys_enter augmenter for "lgetxattr"
Reusing "openat" BPF sys_enter augmenter for "fgetxattr"
Reusing "open" BPF sys_enter augmenter for "listxattr"
Reusing "open" BPF sys_enter augmenter for "llistxattr"
Reusing "open" BPF sys_enter augmenter for "removexattr"
Reusing "open" BPF sys_enter augmenter for "lremovexattr"
Reusing "fsetxattr" BPF sys_enter augmenter for "fremovexattr"
Reusing "open" BPF sys_enter augmenter for "mq_open"
Reusing "open" BPF sys_enter augmenter for "mq_unlink"
Reusing "fsetxattr" BPF sys_enter augmenter for "add_key"
Reusing "fremovexattr" BPF sys_enter augmenter for "request_key"
Reusing "fremovexattr" BPF sys_enter augmenter for "inotify_add_watch"
Reusing "fremovexattr" BPF sys_enter augmenter for "mkdirat"
Reusing "fremovexattr" BPF sys_enter augmenter for "mknodat"
Reusing "fremovexattr" BPF sys_enter augmenter for "fchownat"
Reusing "fremovexattr" BPF sys_enter augmenter for "futimesat"
Reusing "fremovexattr" BPF sys_enter augmenter for "newfstatat"
Reusing "fremovexattr" BPF sys_enter augmenter for "unlinkat"
Reusing "fremovexattr" BPF sys_enter augmenter for "linkat"
Reusing "open" BPF sys_enter augmenter for "symlinkat"
Reusing "fremovexattr" BPF sys_enter augmenter for "readlinkat"
Reusing "fremovexattr" BPF sys_enter augmenter for "fchmodat"
Reusing "fremovexattr" BPF sys_enter augmenter for "faccessat"
Reusing "fremovexattr" BPF sys_enter augmenter for "utimensat"
Reusing "connect" BPF sys_enter augmenter for "accept4"
Reusing "fremovexattr" BPF sys_enter augmenter for "name_to_handle_at"
Reusing "fremovexattr" BPF sys_enter augmenter for "renameat2"
Reusing "open" BPF sys_enter augmenter for "memfd_create"
Reusing "fremovexattr" BPF sys_enter augmenter for "execveat"
Reusing "fremovexattr" BPF sys_enter augmenter for "statx"
[root@quaco ~]#
Cc: Adrian Hunter <adrian.hunter@intel.com>
Cc: Alan Maguire <alan.maguire@oracle.com>
Cc: Ian Rogers <irogers@google.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: Namhyung Kim <namhyung@kernel.org>
Link: https://lore.kernel.org/lkml/
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
tools/perf/builtin-trace.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/tools/perf/builtin-trace.c b/tools/perf/builtin-trace.c index 3964cf44cdbcb3e8..e541d0e2777ab935 100644 --- a/tools/perf/builtin-trace.c +++ b/tools/perf/builtin-trace.c @@ -3398,6 +3398,19 @@ static struct bpf_program *trace__find_usable_bpf_prog_entry(struct trace *trace if (strcmp(field->type, candidate_field->type)) goto next_candidate; + /* + * This is limited in the BPF program but sys_write + * uses "const char *" for its "buf" arg so we need to + * use some heuristic that is kinda future proof... + */ + if (strcmp(field->type, "const char *") == 0 && + !(strstr(field->name, "name") || + strstr(field->name, "path") || + strstr(field->name, "file") || + strstr(field->name, "root") || + strstr(field->name, "description"))) + goto next_candidate; + is_candidate = true; }