Re: [PATCH] Linux Kernel Markers

From: Martin Bligh
Date: Tue Sep 19 2006 - 12:06:32 EST

Next message: Vara Prasad: "Re: [PATCH] Linux Kernel Markers"
Previous message: Alan Stern: "Re: Uses for memory barriers"
In reply to: Frank Ch. Eigler: "Re: [PATCH] Linux Kernel Markers"
Next in thread: Andrew Morton: "Re: [PATCH] Linux Kernel Markers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Frank Ch. Eigler wrote:

Hi -

On Tue, Sep 19, 2006 at 08:11:40AM -0700, Martin J. Bligh wrote:

[...] Why don't we just copy the whole damned function somewhere
else, and make an instrumented copy (as a kernel module)? Then
reroute all the function calls through it [...]

Interesting idea. Are you imagining this instrumented copy being
built at kernel compile time (something like building a "-g -O0"
parallel)? Or compiled anew from original sources after deployment?
Or on-the-fly binary-level rewriting a la SPIN?

"compiled anew from original sources after deployment" seems the most
practical to do to me. From second hand info on using systemtap, you
seem to need the same compiler and source tree to work from anyway, so
this doesn't seem much of a burden.

OK, it's not completely trivial to do, but simpler than kprobes [...]

None of the three above are that easy. Do you have an implementation
idea?

not in detail, but given the problems that the other probe technologies
solved, it seems easy in comparison. It seems like all we'd need to do
is "list all references to function, freeze kernel, update all
references, continue", but perhaps I'm oversimplifying it ... if it's
all just straight calls, it'd seem easy. The freeze would be very short,
it's just poking a few addresses.

Having multiple hooks inside the same function pieced in at different
times, etc gets tricky, but you can always fall back on one of the other
methods if you get something complicated (or enforce some self-dicipline
in userspace on how to compound them together).

Ingo Molnar wrote:
> yeah, this would be nice - if it werent it for function pointers,
> and if all kernel functions were relocatable. But if you can think of
> a method to do this, it would be nice.

Well, it doesn't have to work for everything. But would be much nicer
for when it does work, it seems to me. Which functions are not
relocatable? Function pointers are indeed a problem, for the functions
they're used on, but they're not common. Some simple markup for these
types of functions would fix it easily enough, I'd think.

A more common problem would seem to me to be instrumenting a inlined
function that was pulled into multiple places, but even that doesn't
seem particularly difficult.

M.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Vara Prasad: "Re: [PATCH] Linux Kernel Markers"
Previous message: Alan Stern: "Re: Uses for memory barriers"
In reply to: Frank Ch. Eigler: "Re: [PATCH] Linux Kernel Markers"
Next in thread: Andrew Morton: "Re: [PATCH] Linux Kernel Markers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]