Re: [PATCH v3] tracing: precise log info for kretprobe addr err

From: Steven Rostedt
Date: Tue Jan 26 2021 - 22:36:11 EST


On Tue, 26 Jan 2021 22:17:23 +0100
Oleg Nesterov <oleg@xxxxxxxxxx> wrote:

> On 01/26, Steven Rostedt wrote:
> >
> > On Tue, 26 Jan 2021 21:20:59 +0100
> > Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
> >
> > > > No, not wrong. Even offset != 0, if the symbol exists in the kernel,
> > > > kprobe_on_func_entry() will check it.
> > >
> > > Yes, but unless I am totally confused... if kprobe_on_func_entry() returns false,
> > > then trace_kprobe_create() should fail with BAD_RETPROBE even if offset == 0 ?
> >
> > From what I understand, kprobe_on_func_entry() can return false if you pass
> > in: "MOD:not_yet_loaded_module_func", but this is OK, because when the
> > module is loaded, and the "not_yet_loaded_module_func" exists, the
> > kretprobe will then be added.
> >
> > The strchr(symbol,":") check is to see if "MOD:" (or some other ":" command)
> > is in the name, and we don't want it to fail if it is. Which is why we
> > should have that commented.
>
> Agreed, this matches my understanding.
>
> But just in case... not sure I read this code correctly, but I think that
> module_kallsyms_lookup_name("not_yet_loaded_module_func") should work even
> without the "MOD:" prefix.
>
> IOW, kprobe_on_func_entry("not_yet_loaded_module_func") can fail, and then
> later succeed if you load the module which provides this symbol.
>
> But even if I am right, I agree with the strchr(symbol,":") check.

I see what you are saying. If "MOD" is not loaded yet, the
kprobe_on_func_entry() should succeed.

 kprobe_on_func_entry(name) {
   _kprobe_addr(name) {
     _kprobe_lookup_name(name) {
       kallsyms_lookup_name(name) {
         module_kallsyms_lookup_name(name) {

Which is:

unsigned long module_kallsyms_lookup_name(const char *name)
{
	struct module *mod;
	char *colon;
	unsigned long ret = 0;

	/* Don't lock: we're in enough trouble already. */
	preempt_disable();
	if ((colon = strnchr(name, MODULE_NAME_LEN, ':')) != NULL) {
		if ((mod = find_module_all(name, colon - name, false)) != NULL)
			ret = find_kallsyms_symbol_value(mod, colon+1);
	} else {
		list_for_each_entry_rcu(mod, &modules, list) {
			if (mod->state == MODULE_STATE_UNFORMED)
				continue;
			if ((ret = find_kallsyms_symbol_value(mod, name)) != 0)
				break;
		}
	}
	preempt_enable();
	return ret;
}


And if find_module_all() fails, ret isn't updated, and "return ret" will
return zero.

That is, the ":" check may not be needed, but it's at least good to have?

-- Steve
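
The lookup behaviour discussed in this message, as an added userspace example (not code from the thread or from the kernel): a small model of the two branches of module_kallsyms_lookup_name(), showing that both "MOD:sym" and the bare symbol resolve to zero until the module is loaded. The module table, the names demo_mod and demo_func, the address, the MODULE_NAME_LEN value and the helpers model_lookup(), bounded_chr() and set_loaded() are assumptions made for the illustration.

```c
/* Added example: userspace model, not kernel code. */
#include <stdio.h>
#include <string.h>

#define MODULE_NAME_LEN 56	/* assumed stand-in for the kernel constant */

/* Constructed sample data: one module exporting one symbol. */
struct module { const char *name; int loaded; const char *sym; unsigned long addr; };
static struct module modules[] = { { "demo_mod", 0, "demo_func", 0xc0001000UL } };

/* Same contract as the kernel's strnchr(): search at most count bytes. */
static const char *bounded_chr(const char *s, size_t count, int c)
{
	for (; count-- && *s; s++)
		if (*s == c)
			return s;
	return NULL;
}

/* Model of the "MOD:sym" branch and the bare-name branch of the lookup. */
static unsigned long model_lookup(const char *name)
{
	const char *colon = bounded_chr(name, MODULE_NAME_LEN, ':');
	size_t len = colon ? (size_t)(colon - name) : 0;

	for (size_t i = 0; i < sizeof(modules) / sizeof(modules[0]); i++) {
		const struct module *mod = &modules[i];
		if (!mod->loaded)	/* not loaded: neither branch can see it */
			continue;
		if (colon && (strlen(mod->name) != len || strncmp(mod->name, name, len)))
			continue;	/* "MOD:sym" names a different module */
		if (strcmp(mod->sym, colon ? colon + 1 : name) == 0)
			return mod->addr;
	}
	return 0;		/* same result as the kernel's untouched "ret" */
}

static void set_loaded(int on) { modules[0].loaded = on; }

int main(void)
{
	const char *names[] = { "demo_mod:demo_func", "demo_func" };
	for (int on = 0; on < 2; on++) {
		set_loaded(on);
		for (int i = 0; i < 2; i++)
			printf("loaded=%d %-20s -> %#lx\n", on, names[i], model_lookup(names[i]));
	}
	return 0;
}
```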