Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BEGIN/END: Add more reliable implementation #2264

Merged
merged 5 commits into from
Jul 14, 2022
Merged

BEGIN/END: Add more reliable implementation #2264

merged 5 commits into from
Jul 14, 2022

Conversation

danobi
Copy link
Member

@danobi danobi commented Jun 12, 2022

Before, we implemented BEGIN/END probes as uprobes, attached the probes
to trigger functions in /proc/self/exe, and triggered the prog by calling
the trigger functions. This works well most of the time except for when
distros decide to strip symbols from bpftrace.

This commit makes BEGIN/END probes more reliable by implementing special
probes as BPF_PROG_TYPE_RAW_TRACEPOINT and calling BPF_PROG_RUN on them.
This is ok b/c we don't allow users to access any associated ctx in
speical probes anyways. And we choose raw_tp prog type b/c it has
BPF_PROG_RUN implemented.

I did try to implement BPF_PROG_RUN on BPF_PROG_TYPE_KPROBE in the
kernel but upstream didn't like it too much:
https://lore.kernel.org/bpf/[email protected]/ .
So we have raw_tp instead.

Checklist
  • Language changes are updated in man/adoc/bpftrace.adoc and if needed in docs/reference_guide.md
  • User-visible and non-trivial changes updated in CHANGELOG.md
  • The new behaviour is covered by tests

@danobi danobi force-pushed the special_raw_tp branch 3 times, most recently from 72eb896 to f86d940 Compare June 13, 2022 00:19
viktormalik
viktormalik reviewed Jun 13, 2022
View reviewed changes
Copy link
Contributor

@viktormalik viktormalik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really like this, handling of BEGIN/END has been a bit of pain so far.

Just one thing: there are some places where BEGIN and END are treated as special cases of uprobes. Those could be cleaned as a part of this PR.

@danobi
Copy link
Member Author

danobi commented Jun 13, 2022

Just one thing: there are some places where BEGIN and END are treated as special cases of uprobes. Those could be cleaned as a part of this PR.

Which parts are you referring to?

I left the old codepath in b/c BPF_PROG_RUN for raw_tp was only added in late 2020: https://lore.kernel.org/bpf/[email protected]/ . So I'm concerned we'll leave some of our users hanging if we only use this new approach.

@viktormalik
Copy link
Contributor

Which parts are you referring to?

I found 2 occurrences that could be removed:

@danobi
Copy link
Member Author

danobi commented Jun 14, 2022

Ah yeah good finds. I'll fix that up and debug the test failures some time this week.

@danobi
Copy link
Member Author

danobi commented Jul 2, 2022

Done

@danobi danobi mentioned this pull request Jul 9, 2022
Closed
ajor
ajor approved these changes Jul 11, 2022
View reviewed changes
Copy link
Member

@ajor ajor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for doing this, looks much better!

src/attached_probe.cpp Outdated Show resolved Hide resolved
@danobi danobi mentioned this pull request Jul 12, 2022
Closed
danobi added 5 commits July 13, 2022 23:41
@danobi
NFC: Remove default case from switch
edd0065 
Better to remove as many default cases as possible cuz when someone adds
a new enum type they'll get a compiler warning instead of a runtime
failure some time later.
@danobi
NFC: Add ProbeType::special for BEGIN/END probes
bc7fbcd 
Create a separate probe type for BEGIN/END probes. Currently a noop in
this commit. We will use this new probe type in the next commit to
implement a more reliable special probe.
@danobi
Add feature test for BPF_PROG_TYPE_RAW_TRACEPOINT
9aa04ec 
We will be using BPF_PROG_RUN on this prog type to implement BEGIN/END
probes next.
@danobi
BEGIN/END: Add more reliable implementation
9977960 
Before, we implemented BEGIN/END probes as uprobes, attached the probes
to trigger functions in /proc/self/exe, and triggered the prog by calling
the trigger functions. This works well most of the time except for when
distros decide to strip symbols from bpftrace.

This commit makes BEGIN/END probes more reliable by implementing special
probes as BPF_PROG_TYPE_RAW_TRACEPOINT and calling BPF_PROG_RUN on them.
This is ok b/c we don't allow users to access any associated `ctx` in
speical probes anyways. And we choose raw_tp prog type b/c it has
BPF_PROG_RUN implemented.

I did try to implement BPF_PROG_RUN on BPF_PROG_TYPE_KPROBE in the
kernel but upstream didn't like it too much:
https://lore.kernel.org/bpf/[email protected]/ .
So we have raw_tp instead.
@danobi
Update CHANGELOG
b93aa92 
Even though this change should be somewhat transparent to the user,
most distros have stopped stripping bpftrace symbols to work around
bpftrace limitations. So add entry in changelog in case anyone is
checking.
@danobi danobi merged commit c038c30 into bpftrace:master Jul 14, 2022
@kmcdonell kmcdonell mentioned this pull request Aug 16, 2022
Closed
kmcdonell added a commit to kmcdonell/pcp that referenced this pull request Aug 17, 2022
@kmcdonell
qa/triaged: bftrace tool issue on Ubuntu 22.04
93f77f1 
Tests: 1701 1722 1723
Issue:
    nm: /usr/bin/bpftrace: no symbols
    fixed: bpftrace/bpftrace#2264 but yet arrive
    upstream (or is that downstream?)
@danobi danobi mentioned this pull request Aug 30, 2022
Closed
@ajor ajor mentioned this pull request Oct 4, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ajor ajor ajor approved these changes

@viktormalik viktormalik viktormalik approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@danobi @viktormalik @ajor