Re: [PATCH 3/3] tracing: Provide traceevents interface for uprobes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2012-04-03 at 06:35 +0530, Srikar Dronamraju wrote:
> From: Srikar Dronamraju <srikar@xxxxxxxxxxxxxxxxxx>
> --- /dev/null
> +++ b/Documentation/trace/uprobetracer.txt
> @@ -0,0 +1,93 @@
> +		Uprobe-tracer: Uprobe-based Event Tracing
> +		=========================================
> +                 Documentation written by Srikar Dronamraju
> +
> +Overview
> +--------
> +Uprobe based trace events are similar to kprobe based trace events.
> +To enable this feature, build your kernel with CONFIG_UPROBE_EVENTS=y.
> +
> +Similar to the kprobe-event tracer, this doesn't need to be activated via
> +current_tracer. Instead of that, add probe points via
> +/sys/kernel/debug/tracing/uprobe_events, and enable it via
> +/sys/kernel/debug/tracing/events/uprobes/<EVENT>/enabled.
> +
> +
> +Synopsis of uprobe_tracer
> +-------------------------
> +  p[:[GRP/]EVENT] PATH:SYMBOL[+offs] [FETCHARGS]	: Set a probe
> +
> + GRP		: Group name. If omitted, use "uprobes" for it.
> + EVENT		: Event name. If omitted, the event name is generated
> +		  based on SYMBOL+offs.
> + PATH		: path to an executable or a library.
> + SYMBOL[+offs]	: Symbol+offset where the probe is inserted.
> +
> + FETCHARGS	: Arguments. Each probe can have up to 128 args.
> +  %REG		: Fetch register REG
> +
> +Event Profiling
> +---------------
> + You can check the total number of probe hits and probe miss-hits via
> +/sys/kernel/debug/tracing/uprobe_profile.
> + The first column is event name, the second is the number of probe hits,
> +the third is the number of probe miss-hits.
> +
> +Usage examples
> +--------------
> +To add a probe as a new event, write a new definition to uprobe_events
> +as below.
> +
> +  echo 'p: /bin/bash:0x4245c0' > /sys/kernel/debug/tracing/uprobe_events
> +
> + This sets a uprobe at an offset of 0x4245c0 in the executable /bin/bash
> +
> +
> +  echo > /sys/kernel/debug/tracing/uprobe_events
> +
> + This clears all probe points.
> +
> +The following example shows how to dump the instruction pointer and %ax
> +a register at the probed text address.  Here we are trying to probe
> +function zfree in /bin/zsh
> +
> +    # cd /sys/kernel/debug/tracing/
> +    # cat /proc/`pgrep  zsh`/maps | grep /bin/zsh | grep r-xp
> +    00400000-0048a000 r-xp 00000000 08:03 130904 /bin/zsh
> +    # objdump -T /bin/zsh | grep -w zfree
> +    0000000000446420 g    DF .text  0000000000000012  Base        zfree
> +
> +0x46420 is the offset of zfree in object /bin/zsh that is loaded at
> +0x00400000. Hence the command to probe would be :
> +
> +    # echo 'p /bin/zsh:0x46420 %ip %ax' > uprobe_events

Nice example, but I would explicitly state that the uprobe event
interface expects the offset in the object, which needs to be
calculated. This may be a nit, but as I'm a bit tired (been out late
last night here at the current conference I'm in ;-), I had to read it
three times before I figured it out.

> +
> +We can see the events that are registered by looking at the uprobe_events
> +file.
> +
> +    # cat uprobe_events
> +    p:uprobes/p_zsh_0x46420 /bin/zsh:0x0000000000046420
> +
> +Right after definition, each event is disabled by default. For tracing these
> +events, you need to enable it by:
> +
> +    # echo 1 > events/uprobes/enable
> +
> +Lets disable the event after sleeping for some time.
> +    # sleep 20
> +    # echo 0 > events/uprobes/enable
> +
> +And you can see the traced information via /sys/kernel/debug/tracing/trace.
> +
> +    # cat trace
> +    # tracer: nop
> +    #
> +    #           TASK-PID    CPU#    TIMESTAMP  FUNCTION
> +    #              | |       |          |         |
> +                 zsh-24842 [006] 258544.995456: p_zsh_0x46420: (0x446420) arg1=446421 arg2=79
> +                 zsh-24842 [007] 258545.000270: p_zsh_0x46420: (0x446420) arg1=446421 arg2=79
> +                 zsh-24842 [002] 258545.043929: p_zsh_0x46420: (0x446420) arg1=446421 arg2=79
> +                 zsh-24842 [004] 258547.046129: p_zsh_0x46420: (0x446420) arg1=446421 arg2=79
> +
> +Each line shows us probes were triggered for a pid 24842 with ip being
> +0x446421 and contents of ax register being 79.
> diff --git a/kernel/trace/Kconfig b/kernel/trace/Kconfig
> index ce5a5c5..18f03a6 100644
> --- a/kernel/trace/Kconfig
> +++ b/kernel/trace/Kconfig
> @@ -386,6 +386,22 @@ config KPROBE_EVENT
>  	  This option is also required by perf-probe subcommand of perf tools.
>  	  If you want to use perf tools, this option is strongly recommended.
>  
> +config UPROBE_EVENT
> +	bool "Enable uprobes-based dynamic events"
> +	depends on ARCH_SUPPORTS_UPROBES
> +	depends on MMU
> +	select UPROBES
> +	select PROBE_EVENTS
> +	select TRACING
> +	default n
> +	help
> +	  This allows the user to add tracing events on top of userspace dynamic
> +	  events (similar to tracepoints) on the fly via the traceevents interface.

s/traceevents/trace events/

> +	  Those events can be inserted wherever uprobes can probe, and record
> +	  various registers.
> +	  This option is required if you plan to use perf-probe subcommand of perf
> +	  tools on user space applications.
> +
>  config PROBE_EVENTS
>  	def_bool n
>  
> diff --git a/kernel/trace/Makefile b/kernel/trace/Makefile
> index fa10d5c..1734c03 100644
> --- a/kernel/trace/Makefile
> +++ b/kernel/trace/Makefile
> @@ -62,5 +62,6 @@ ifeq ($(CONFIG_TRACING),y)
>  obj-$(CONFIG_KGDB_KDB) += trace_kdb.o
>  endif
>  obj-$(CONFIG_PROBE_EVENTS) += trace_probe.o
> +obj-$(CONFIG_UPROBE_EVENT) += trace_uprobe.o
>  
>  libftrace-y := ftrace.o
> diff --git a/kernel/trace/trace.h b/kernel/trace/trace.h
> index 95059f0..1bcdbec 100644
> --- a/kernel/trace/trace.h
> +++ b/kernel/trace/trace.h
> @@ -103,6 +103,11 @@ struct kretprobe_trace_entry_head {
>  	unsigned long		ret_ip;
>  };
>  
> +struct uprobe_trace_entry_head {
> +	struct trace_entry	ent;
> +	unsigned long		ip;
> +};
> +
>  /*
>   * trace_flag_type is an enumeration that holds different
>   * states when a trace occurs. These are:
> diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c
> index f8b7773..eb52983 100644
> --- a/kernel/trace/trace_kprobe.c
> +++ b/kernel/trace/trace_kprobe.c
> @@ -524,8 +524,8 @@ static int create_trace_probe(int argc, char **argv)
>  		}
>  
>  		/* Parse fetch argument */
> -		ret = traceprobe_parse_probe_arg(arg, &tp->size, &tp->args[i],
> -								is_return);
> +		ret = traceprobe_parse_probe_arg(arg, &tp->size,
> +					&tp->args[i], is_return, true);
>  		if (ret) {
>  			pr_info("Parse error at argument[%d]. (%d)\n", i, ret);
>  			goto error;
> diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
> index deb375a..56d0705 100644
> --- a/kernel/trace/trace_probe.c
> +++ b/kernel/trace/trace_probe.c
> @@ -552,7 +552,7 @@ static int parse_probe_vars(char *arg, const struct fetch_type *t,
>  
>  /* Recursive argument parser */
>  static int parse_probe_arg(char *arg, const struct fetch_type *t,
> -		     struct fetch_param *f, bool is_return)
> +		     struct fetch_param *f, bool is_return, bool is_kprobe)
>  {
>  	unsigned long param;
>  	long offset;
> @@ -560,6 +560,10 @@ static int parse_probe_arg(char *arg, const struct fetch_type *t,
>  	int ret;
>  
>  	ret = 0;
> +	/* Until uprobe_events supports only reg arguments */

Blank line is needed after the ret = 0;

> +	if (!is_kprobe && arg[0] != '%')
> +		return -EINVAL;
> +
>  	switch (arg[0]) {
>  	case '$':
>  		ret = parse_probe_vars(arg + 1, t, f, is_return);
> @@ -621,7 +625,8 @@ static int parse_probe_arg(char *arg, const struct fetch_type *t,
>  				return -ENOMEM;
>  
>  			dprm->offset = offset;
> -			ret = parse_probe_arg(arg, t2, &dprm->orig, is_return);
> +			ret = parse_probe_arg(arg, t2, &dprm->orig, is_return,
> +							is_kprobe);
>  			if (ret)
>  				kfree(dprm);
>  			else {
> @@ -679,7 +684,7 @@ static int __parse_bitfield_probe_arg(const char *bf,
>  
>  /* String length checking wrapper */
>  int traceprobe_parse_probe_arg(char *arg, ssize_t *size,
> -		struct probe_arg *parg, bool is_return)
> +		struct probe_arg *parg, bool is_return, bool is_kprobe)
>  {
>  	const char *t;
>  	int ret;
> @@ -705,7 +710,7 @@ int traceprobe_parse_probe_arg(char *arg, ssize_t *size,
>  	}
>  	parg->offset = *size;
>  	*size += parg->type->size;
> -	ret = parse_probe_arg(arg, parg->type, &parg->fetch, is_return);
> +	ret = parse_probe_arg(arg, parg->type, &parg->fetch, is_return, is_kprobe);
>  
>  	if (ret >= 0 && t != NULL)
>  		ret = __parse_bitfield_probe_arg(t, parg->type, &parg->fetch);
> diff --git a/kernel/trace/trace_probe.h b/kernel/trace/trace_probe.h
> index 2df9a18..9337086 100644
> --- a/kernel/trace/trace_probe.h
> +++ b/kernel/trace/trace_probe.h
> @@ -66,6 +66,7 @@
>  #define TP_FLAG_TRACE		1
>  #define TP_FLAG_PROFILE		2
>  #define TP_FLAG_REGISTERED	4
> +#define TP_FLAG_UPROBE		8
>  
> 
>  /* data_rloc: data relative location, compatible with u32 */
> @@ -143,7 +144,7 @@ static inline int is_good_name(const char *name)
>  }
>  
>  extern int traceprobe_parse_probe_arg(char *arg, ssize_t *size,
> -		   struct probe_arg *parg, bool is_return);
> +		   struct probe_arg *parg, bool is_return, bool is_kprobe);
>  
>  extern int traceprobe_conflict_field_name(const char *name,
>  			       struct probe_arg *args, int narg);
> diff --git a/kernel/trace/trace_uprobe.c b/kernel/trace/trace_uprobe.c
> new file mode 100644
> index 0000000..d8b11cf
> --- /dev/null
> +++ b/kernel/trace/trace_uprobe.c
> @@ -0,0 +1,787 @@
> +/*
> + * uprobes-based tracing events
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License version 2 as
> + * published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, write to the Free Software
> + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
> + *
> + * Copyright (C) IBM Corporation, 2010-2012
> + * Author:	Srikar Dronamraju <srikar@xxxxxxxxxxxxxxxxxx>
> + */
> +
> +#include <linux/module.h>
> +#include <linux/uaccess.h>
> +#include <linux/uprobes.h>
> +#include <linux/namei.h>
> +
> +#include "trace_probe.h"
> +
> +#define UPROBE_EVENT_SYSTEM	"uprobes"
> +
> +/**
> + * uprobe event core functions
> + */
> +struct trace_uprobe;
> +struct uprobe_trace_consumer {
> +	struct uprobe_consumer		cons;
> +	struct trace_uprobe		*tp;
> +};
> +
> +struct trace_uprobe {
> +	struct list_head		list;
> +	struct ftrace_event_class	class;
> +	struct ftrace_event_call	call;
> +	struct uprobe_trace_consumer	*consumer;
> +	struct inode			*inode;
> +	char				*filename;
> +	unsigned long			offset;
> +	unsigned long			nhit;
> +	unsigned int			flags;	/* For TP_FLAG_* */
> +	ssize_t				size;	/* trace entry size */
> +	unsigned int			nr_args;
> +	struct probe_arg		args[];
> +};
> +
> +#define SIZEOF_TRACE_UPROBE(n)			\
> +	(offsetof(struct trace_uprobe, args) +	\
> +	(sizeof(struct probe_arg) * (n)))
> +
> +static int register_uprobe_event(struct trace_uprobe *tp);
> +static void unregister_uprobe_event(struct trace_uprobe *tp);
> +
> +static DEFINE_MUTEX(uprobe_lock);
> +static LIST_HEAD(uprobe_list);
> +
> +static int uprobe_dispatcher(struct uprobe_consumer *con, struct pt_regs *regs);
> +
> +/*
> + * Allocate new trace_uprobe and initialize it (including uprobes).
> + */
> +static struct trace_uprobe *
> +alloc_trace_uprobe(const char *group, const char *event, int nargs)
> +{
> +	struct trace_uprobe *tp;
> +
> +	if (!event || !is_good_name(event))
> +		return ERR_PTR(-EINVAL);
> +
> +	if (!group || !is_good_name(group))
> +		return ERR_PTR(-EINVAL);
> +
> +	tp = kzalloc(SIZEOF_TRACE_UPROBE(nargs), GFP_KERNEL);
> +	if (!tp)
> +		return ERR_PTR(-ENOMEM);
> +
> +	tp->call.class = &tp->class;
> +	tp->call.name = kstrdup(event, GFP_KERNEL);
> +	if (!tp->call.name)
> +		goto error;
> +
> +	tp->class.system = kstrdup(group, GFP_KERNEL);
> +	if (!tp->class.system)
> +		goto error;
> +
> +	INIT_LIST_HEAD(&tp->list);
> +	return tp;
> +
> +error:
> +	kfree(tp->call.name);
> +	kfree(tp);
> +
> +	return ERR_PTR(-ENOMEM);
> +}
> +
> +static void free_trace_uprobe(struct trace_uprobe *tp)
> +{
> +	int i;
> +
> +	for (i = 0; i < tp->nr_args; i++)
> +		traceprobe_free_probe_arg(&tp->args[i]);
> +
> +	iput(tp->inode);
> +	kfree(tp->call.class->system);
> +	kfree(tp->call.name);
> +	kfree(tp->filename);
> +	kfree(tp);
> +}
> +
> +static struct trace_uprobe *find_probe_event(const char *event, const char *group)
> +{
> +	struct trace_uprobe *tp;
> +
> +	list_for_each_entry(tp, &uprobe_list, list)
> +		if (strcmp(tp->call.name, event) == 0 &&
> +		    strcmp(tp->call.class->system, group) == 0)
> +			return tp;
> +
> +	return NULL;
> +}
> +
> +/* Unregister a trace_uprobe and probe_event: call with locking uprobe_lock */
> +static void unregister_trace_uprobe(struct trace_uprobe *tp)
> +{
> +	list_del(&tp->list);
> +	unregister_uprobe_event(tp);
> +	free_trace_uprobe(tp);
> +}
> +
> +/* Register a trace_uprobe and probe_event */
> +static int register_trace_uprobe(struct trace_uprobe *tp)
> +{
> +	struct trace_uprobe *old_tp;
> +	int ret;
> +
> +	mutex_lock(&uprobe_lock);
> +
> +	/* register as an event */
> +	old_tp = find_probe_event(tp->call.name, tp->call.class->system);
> +	if (old_tp)
> +		/* delete old event */
> +		unregister_trace_uprobe(old_tp);
> +
> +	ret = register_uprobe_event(tp);
> +	if (ret) {
> +		pr_warning("Failed to register probe event(%d)\n", ret);
> +		goto end;
> +	}
> +
> +	list_add_tail(&tp->list, &uprobe_list);
> +
> +end:
> +	mutex_unlock(&uprobe_lock);
> +
> +	return ret;
> +}
> +
> +/*
> + * Argument syntax:
> + *  - Add uprobe: p[:[GRP/]EVENT] PATH:SYMBOL[+offs] [FETCHARGS]
> + *
> + *  - Remove uprobe: -:[GRP/]EVENT
> + */
> +static int create_trace_uprobe(int argc, char **argv)
> +{
> +	struct trace_uprobe *tp;
> +	struct inode *inode;
> +	char *arg, *event, *group, *filename;
> +	char buf[MAX_EVENT_NAME_LEN];
> +	struct path path;
> +	unsigned long offset;
> +	bool is_delete;
> +	int i, ret;
> +
> +	inode = NULL;
> +	ret = 0;
> +	is_delete = false;
> +	arg = NULL;
> +	event = NULL;
> +	group = NULL;
> +
> +	/* argc must be >= 1 */
> +	if (argv[0][0] == '-')
> +		is_delete = true;
> +	else if (argv[0][0] != 'p') {
> +		pr_info("Probe definition must be started with 'p', 'r' or" " '-'.\n");
> +		return -EINVAL;
> +	}
> +
> +	if (argv[0][1] == ':') {
> +		event = &argv[0][2];
> +
> +		if (strchr(event, '/')) {

What about using a temp variable above so that you do not need to repeat
the search (strchr) again below?

-- Steve

> +			group = event;
> +			event = strchr(group, '/') + 1;
> +			event[-1] = '\0';
> +
> +			if (strlen(group) == 0) {
> +				pr_info("Group name is not specified\n");
> +				return -EINVAL;
> +			}
> +		}
> +		if (strlen(event) == 0) {
> +			pr_info("Event name is not specified\n");
> +			return -EINVAL;
> +		}
> +	}
> +	if (!group)
> +		group = UPROBE_EVENT_SYSTEM;
> +
> +	if (is_delete) {
> +		if (!event) {
> +			pr_info("Delete command needs an event name.\n");
> +			return -EINVAL;
> +		}
> +		mutex_lock(&uprobe_lock);
> +		tp = find_probe_event(event, group);
> +
> +		if (!tp) {
> +			mutex_unlock(&uprobe_lock);
> +			pr_info("Event %s/%s doesn't exist.\n", group, event);
> +			return -ENOENT;
> +		}
> +		/* delete an event */
> +		unregister_trace_uprobe(tp);
> +		mutex_unlock(&uprobe_lock);
> +		return 0;
> +	}
> +
> +	if (argc < 2) {
> +		pr_info("Probe point is not specified.\n");
> +		return -EINVAL;
> +	}
> +	if (isdigit(argv[1][0])) {
> +		pr_info("probe point must be have a filename.\n");
> +		return -EINVAL;
> +	}
> +	arg = strchr(argv[1], ':');
> +	if (!arg)
> +		goto fail_address_parse;
> +
> +	*arg++ = '\0';
> +	filename = argv[1];
> +	ret = kern_path(filename, LOOKUP_FOLLOW, &path);
> +	if (ret)
> +		goto fail_address_parse;
> +
> +	ret = strict_strtoul(arg, 0, &offset);
> +	if (ret)
> +		goto fail_address_parse;
> +
> +	inode = igrab(path.dentry->d_inode);
> +
> +	argc -= 2;
> +	argv += 2;
> +

> 


--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>


[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]