On 17/07/2023 16:23, Masami Hiramatsu (Google) wrote: > Hi, > > Here is the 2nd version of series to improve the BTF support on probe events. > The previous series is here: > > https://lore.kernel.org/linux-trace-kernel/168699521817.528797.13179901018528120324.stgit@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx/ > > In this version, I added a NULL check fix patch [1/9] (which will go to > fixes branch) and move BTF related API to kernel/bpf/btf.c [2/9] and add > a new BTF API [3/9] so that anyone can reuse it. > Also I decided to use '$retval' directly instead of 'retval' pseudo BTF > variable for field access at [5/9] because I introduced an idea to choose > function 'exit' event automatically if '$retval' is used [7/9]. With that > change, we can not use 'retval' because if a function has 'retval' > argument, we can not decide 'f func retval' is function exit or entry. this is fantastic work! (FWIW I ran into the retval argument issue with ksnoop as well; I got around it by using "return" to signify the return value since as a reserved word it won't clash with a variable name. However in the trace subsystem context retval is used extensively so makes sense to stick with that). One thing we should probably figure out is a common approach to handling ambiguous static functions that will work across ftrace and BPF. A few edge cases that are worth figuring out: 1. a static function with the same name exists in multiple modules, either with different or identical function signatures 2. a static function has .isra.0 and other gcc suffixes applied to static functions during optimization As Alexei mentioned, we're still working on 1, so it would be good to figure out a naming scheme that works well in both ftrace and BPF contexts. There are a few hundred of these ambiguous functions. My reading of the fprobe docs seems to suggest that there is no mechanism to specify a specific module for a given symbol (as in ftrace filters), is that right? Jiri led a session on this topic at LSF/MM/BPF ; perhaps we should carve out some time at Plumbers to discuss this? With respect to 2, pahole v1.25 will generate representations for these "."-suffixed functions in BTF via --btf_gen_optimized [1]. (BTF representation is skipped if the optimizations impact on the registers used for function arguments; if these don't match calling conventions due to optimized-out params, we don't represent the function in BTF, as the tracing expectations are violated). However the BTF function name - in line with DWARF representation - will not have the .isra suffix. So the thing to bear in mind is if you use the function name with suffix as the fprobe function name, a BTF lookup of that exact ("foo.isra.0") name will not find anything, while a lookup of "foo" will succeed. I'll add some specifics in your patch doing the lookups, but just wanted to highlight the issue at the top-level. Thanks! Alan [1] https://lore.kernel.org/bpf/1675790102-23037-1-git-send-email-alan.maguire@xxxxxxxxxx/ > Selftest test case [8/9] and document [9/9] are also updated according to > those changes. > > This series can be applied on top of "v6.5-rc2" kernel. > > You can also get this series from: > > git://git.kernel.org/pub/scm/linux/kernel/git/mhiramat/linux.git topic/fprobe-event-ext > > > Thank you, > > --- > > Masami Hiramatsu (Google) (9): > tracing/probes: Fix to add NULL check for BTF APIs > bpf/btf: tracing: Move finding func-proto API and getting func-param API to BTF > bpf/btf: Add a function to search a member of a struct/union > tracing/probes: Support BTF based data structure field access > tracing/probes: Support BTF field access from $retval > tracing/probes: Add string type check with BTF > tracing/fprobe-event: Assume fprobe is a return event by $retval > selftests/ftrace: Add BTF fields access testcases > Documentation: tracing: Update fprobe event example with BTF field > > > Documentation/trace/fprobetrace.rst | 50 ++ > include/linux/btf.h | 7 > kernel/bpf/btf.c | 83 ++++ > kernel/trace/trace_fprobe.c | 58 ++- > kernel/trace/trace_probe.c | 402 +++++++++++++++----- > kernel/trace/trace_probe.h | 12 + > .../ftrace/test.d/dynevent/add_remove_btfarg.tc | 11 + > .../ftrace/test.d/dynevent/fprobe_syntax_errors.tc | 6 > 8 files changed, 503 insertions(+), 126 deletions(-) > > -- > Masami Hiramatsu (Google) <mhiramat@xxxxxxxxxx> >
