This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
Re: [PATCH] Linux Kernel Markers
- From: "S. P. Prasanna" <prasanna at in dot ibm dot com>
- To: Martin Bligh <mbligh at google dot com>
- Cc: Andrew Morton <akpm at osdl dot org>, "Frank Ch. Eigler" <fche at redhat dot com>, Ingo Molnar <mingo at elte dot hu>, Mathieu Desnoyers <mathieu dot desnoyers at polymtl dot ca>, Paul Mundt <lethal at linux-sh dot org>, linux-kernel <linux-kernel at vger dot kernel dot org>, Jes Sorensen <jes at sgi dot com>, Tom Zanussi <zanussi at us dot ibm dot com>, Richard J Moore <richardj_moore at uk dot ibm dot com>, Michel Dagenais <michel dot dagenais at polymtl dot ca>, Christoph Hellwig <hch at infradead dot org>, Greg Kroah-Hartman <gregkh at suse dot de>, Thomas Gleixner <tglx at linutronix dot de>, William Cohen <wcohen at redhat dot com>, ltt-dev at shafik dot org, systemtap at sources dot redhat dot com, Alan Cox <alan at lxorguk dot ukuu dot org dot uk>
- Date: Tue, 19 Sep 2006 12:08:21 +0530
- Subject: Re: [PATCH] Linux Kernel Markers
- References: <20060918234502.GA197@Krystal> <20060919081124.GA30394@elte.hu> <451008AC.6030006@google.com> <20060919154612.GU3951@redhat.com> <4510151B.5070304@google.com> <20060919093935.4ddcefc3.akpm@osdl.org> <45101DBA.7000901@google.com>
- Reply-to: prasanna at in dot ibm dot com
On Tue, Sep 19, 2006 at 09:41:30AM -0700, Martin Bligh wrote:
> Andrew Morton wrote:
> >On Tue, 19 Sep 2006 09:04:43 -0700
> >Martin Bligh <mbligh@google.com> wrote:
> >
> >
> >>It seems like all we'd need to do
> >>is "list all references to function, freeze kernel, update all
> >>references, continue"
> >
> >
> >"overwrite first 5 bytes of old function with `jmp new_function'".
>
> Yes, that's simple, but slower, as you have a double jump. Probably
> a damned sight faster than int3 though.
>
> M.

The advantage of using int3 over jmp to launch the instrumented
module is that int3 (or breakpoint in most architectures) is an
atomic operation to insert.

I am getting some more ideas...

1. Copy the original functions, instrument them and insert them as
   a part of kernel module with different name prefix.
2. Insert breakpoint only on those routines at runtime.
3. When the breakpoint gets hit, change the instruction pointer to
   the instrumented routine. No need to single step at all.

Adv:
   Can be enabled/disabled dynamically by inserting/removing
   breakpoints.
   No overhead of single stepping.
   No restriction of running the handler in interrupt context.
   You can have pre-compiled instrumented routines.
   This mechanism can be used for a pre-defined set of routines, and
   for arbitrary probe points you can use kprobes/jprobes/systemtap.
   No need to be super-user for predefined breakpoints.

Dis:
   Maintenance of the code, since the code base needs to be
   duplicated and instrumented.

The above idea is similar to runtime or dynamic patching, but here we
use int3 (breakpoint) rather than jump instruction.

Please correct me if I am wrong.
Please let me know if you need more information.

Thanks
Prasanna
--
Prasanna S.P.
Linux Technology Center
India Software Labs, IBM Bangalore
Email: prasanna@in.ibm.com
Ph: 91-80-41776329
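
The atomicity point raised in this message, as an added example (not part of the original mail and not kprobes or SystemTap code): it encodes the 5-byte `jmp rel32` and the 1-byte int3 over a byte buffer and counts the intermediate states that are neither old nor new code. Writing the patch one byte at a time is a modelling assumption; the function names, addresses and sample prologue bytes are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define INT3_OPCODE      0xCC  /* x86 breakpoint: one byte */
#define JMP_REL32_OPCODE 0xE9  /* x86 near jump: opcode + 4-byte displacement */
#define JMP_REL32_LEN    5

/* Constructed sample: push %rbp; mov %rsp,%rbp; push %rbx */
static const uint8_t sample_prologue[JMP_REL32_LEN] = {0x55, 0x48, 0x89, 0xe5, 0x53};

/* Encode `jmp to` placed at address `from`. Returns -1 (out untouched)
 * when the target is outside the signed 32-bit displacement range. */
int encode_jmp_rel32(uint64_t from, uint64_t to, uint8_t out[JMP_REL32_LEN])
{
    int64_t disp = (int64_t)(to - (from + JMP_REL32_LEN));
    if (disp < INT32_MIN || disp > INT32_MAX)
        return -1;
    out[0] = JMP_REL32_OPCODE;
    for (int i = 0; i < 4; i++)   /* little-endian displacement */
        out[1 + i] = (uint8_t)((uint32_t)disp >> (8 * i));
    return 0;
}

/* Apply `patch` over `orig` one byte at a time (modelling assumption) and
 * count states that are neither the old nor the new code. -1 if len > 16. */
int count_torn_states(const uint8_t *orig, const uint8_t *patch, size_t len)
{
    uint8_t cur[16];
    int torn = 0;
    if (len > sizeof cur)
        return -1;
    memcpy(cur, orig, len);
    for (size_t i = 0; i < len; i++) {
        cur[i] = patch[i];
        if (memcmp(cur, orig, len) != 0 && memcmp(cur, patch, len) != 0)
            torn++;
    }
    return torn;
}

int main(void)
{
    uint8_t jmp[JMP_REL32_LEN], int3 = INT3_OPCODE;
    if (encode_jmp_rel32(0x1000, 0x2000, jmp) != 0) return 1; /* constructed addresses */
    printf("jmp rel32: %d torn states\n", count_torn_states(sample_prologue, jmp, sizeof jmp));
    printf("int3:      %d torn states\n", count_torn_states(sample_prologue, &int3, 1));
    return 0;
}
```

A torn state here is a byte sequence that a CPU fetching the function mid-update would decode as neither the original prologue nor the intended jump, which is why multi-byte patching is paired with a quiesce step such as the "freeze kernel" quoted above.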