This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Tapset difficulties w/ functions


Hi all,

In working on the 'process' tapset, I've encountered a few difficulties
that I thought I would share, so we can search the collective mind for
solutions.  I've split this into two emails to separate the related
parts...

For the process.exec probe, the best function I found is do_execve.
However, I also need to cover compat_do_execve for the case where a
32-bit app execs on a 64-bit kernel.  The compat variant is only present
on 64-bit kernels where support for running 32-bit apps is enabled.  I
could make the inclusion of compat dependent on detecting a 64-bit
architecture, as long as no one disables 32-bit support.  Another option
is to use a wildcard match, "*do_execve", and this will work great as
long as the kernel never adds a new function that matches
(prepare_to_do_execve, perhaps).

A very clean solution I came up with requires tapset wildcards that
ignore "missing" matches.  We've discussed this before to make
"syscall.*" easier, but that was decided against.  However, here's
another example of how this could make things very clean:

  probe process.exec = _process.exec.* { /* do stuff */ }
  probe _process.exec.part1 = kernel.function("do_execve") {}
  probe _process.exec.part2 = kernel.function("compat_do_execve") {}

When the compat is missing, this would just continue silently with only
do_execve.

Another problem I have is with a signal handling probe - handle_signal
seems perfect for this, except that on the 2096_FC5 kernel this function
is inlined.  It's not decorated 'inline', so apparantly the compiler
just chose it for inlining.  On RHEL4 it is not inlined.  Without
special-casing every kernel version in a macro, I don't see a way to
detect this.  One solution is to have a new dwarf-probe that will match
both normal functions and inlines.  I also want to show that tapset
wildcards could solve this:

  probe process.signal.handle = _process.signal.handle.* { /* do stuff
*/ }
  probe _process.signal.handle.part1 = kernel.function("handle_signal")
{}
  probe _process.signal.handle.part2 = kernel.inline("handle_signal") {}

A similar mechanism could also be used to find functions that may have
been compiled as a module by switching the parts on kernel.[...] and
module("foo").[...]


Josh


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]