Re: [RFC PATCH] tracing: BTF testing for kprobe-events
From: Steven Rostedt
Date: Mon Oct 11 2021 - 18:23:45 EST
On Thu, 23 Sep 2021 21:39:43 +0900
Masami Hiramatsu <mhiramat@xxxxxxxxxx> wrote:
> Hi Steve,
>
Hi Masami,
Sorry for the late reply, but Plumbers followed by OSS put me way behind,
and I just got to this email :-/
> Here I share my testing patch of the BTF for kprobe events.
> Currently this only allow user to specify '$$args' for
> tracing all arguments of the function. This is only
> avaialbe if
> - the probe point is on the function entry
> - the kernel is compiled with BTF (CONFIG_DEBUG_INFO_BTF)
> - the kernel is enables BPF (CONFIG_BPF_SYSCALL)
>
> And Special thanks to Sven! Most of BTF handling part of
> this patch comes from his patch [1]
>
> [1] https://stackframe.org/0001-ftrace-arg-hack.patch
Which is newer than this patch because he sent a v2, and that's a couple
patches down in my queue. I'll be looking at that one shortly as well.
>
> What I thought while coding this were;
> - kernel/bpf/btf.c can be moved under lib/ so that
> the other subsystems can reuse it, independent
> from BPF. (Also, this should depends on CONFIG_DEBUG_INFO_BTF)
Makes sense.
> - some more utility functions can be exposed.
> e.g. I copied btf_type_int() from btf.c
Agreed.
> - If there are more comments for the BTF APIs, it will
> be more useful...
> - Overall, the BTF is easy to understand for who
> already understand DWARF. Great work!
Great to hear.
> - I think I need 'ptr' and 'bool' types for fetcharg types.
>
> Anyway, this is just for testing. I have to add some
> more cleanup, features and documentations, etc.
This is awesome, and something to look at for a generic ftrace args point
of view too.
One issue is how do we handle multiple register values? Like a u64 type on
32 bit? As $arg1 is just a register that is in $arg1, for a u64 parameter
on 32 bit, that is usually handled with two registers.
Have thoughts on that?
I'll play with your patch today.
-- Steve