This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
Tapset difficulties w/ functions
- From: "Stone, Joshua I" <joshua dot i dot stone at intel dot com>
- To: <systemtap at sourceware dot org>
- Date: Fri, 28 Apr 2006 16:16:37 -0700
- Subject: Tapset difficulties w/ functions
Hi all,
In working on the 'process' tapset, I've encountered a few difficulties
that I thought I would share, so we can search the collective mind for
solutions. I've split this into two emails to separate the related
parts...
For the process.exec probe, the best function I found is do_execve.
However, I also need to cover compat_do_execve for the case where a
32-bit app execs on a 64-bit kernel. The compat variant is only present
on 64-bit kernels where support for running 32-bit apps is enabled. I
could make the inclusion of compat dependent on detecting a 64-bit
architecture, as long as no one disables 32-bit support. Another option
is to use a wildcard match, "*do_execve", and this will work great as
long as the kernel never adds a new function that matches
(prepare_to_do_execve, perhaps).
A very clean solution I came up with requires tapset wildcards that
ignore "missing" matches. We've discussed this before to make
"syscall.*" easier, but that was decided against. However, here's
another example of how this could make things very clean:
probe process.exec = _process.exec.* { /* do stuff */ }
probe _process.exec.part1 = kernel.function("do_execve") {}
probe _process.exec.part2 = kernel.function("compat_do_execve") {}
When the compat is missing, this would just continue silently with only
do_execve.
Another problem I have is with a signal handling probe - handle_signal
seems perfect for this, except that on the 2096_FC5 kernel this function
is inlined. It's not decorated 'inline', so apparantly the compiler
just chose it for inlining. On RHEL4 it is not inlined. Without
special-casing every kernel version in a macro, I don't see a way to
detect this. One solution is to have a new dwarf-probe that will match
both normal functions and inlines. I also want to show that tapset
wildcards could solve this:
probe process.signal.handle = _process.signal.handle.* { /* do stuff
*/ }
probe _process.signal.handle.part1 = kernel.function("handle_signal")
{}
probe _process.signal.handle.part2 = kernel.inline("handle_signal") {}
A similar mechanism could also be used to find functions that may have
been compiled as a module by switching the parts on kernel.[...] and
module("foo").[...]
Josh