Re: [PATCH v4] [RFC] trace: Add kprobe on tracepoint

From: Masami Hiramatsu
Date: Wed Aug 11 2021 - 11:03:48 EST

Next message: Mark Brown: "Re: [PATCH] ASoC: rt5682: Properly turn off regulators if wrong device ID"
Previous message: Marc Zyngier: "Re: [PATCH V2] KVM: arm64: Restrict IPA size to maximum 48 bits on 4K and 16K page size"
In reply to: Tzvetomir Stoyanov (VMware): "[PATCH v4] [RFC] trace: Add kprobe on tracepoint"
Next in thread: Steven Rostedt: "Re: [PATCH v4] [RFC] trace: Add kprobe on tracepoint"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 11 Aug 2021 17:14:33 +0300
"Tzvetomir Stoyanov (VMware)" <tz.stoyanov@xxxxxxxxx> wrote:

> From: Tzvetomir Stoyanov (VMware) <tz.stoyanov@xxxxxxxxx>
>
> A new dynamic event is introduced: event probe. The event is attached
> to an existing tracepoint and uses its fields as arguments. The user
> can specify custom format string of the new event, select what tracepoint
> arguments will be printed and how to print them.
> An event probe is created by writing configuration string in
> 'dynamic_events' ftrace file:
> e:GNAME/ENAME SYSTEM.EVENT [FETCHARGS] - Set an event probe

Hmm, this inconsistency looks not good to me.

"GNAME/ENAME" "SYSTEM.EVENT"
- GNAME is "group name" but SYSTEM is "system name" but both must point
same idea.
- Delimiter character is different.

Aren't these confusing users?

One idea is adding a patch for kprobe and uprobe events to accept new
delimiter '.'. This will give a consistency with hist triggers too.

Also, you can add a note about that the system and group is same
meaning in events.

> -:GNAME/ENAME - Delete an event probe
>
> Where:
> GNAME - Group name, if omitted 'eprobes' is used.

If this is not mandatory, you should write it as

e:[GNAME/]ENAME SYSTEM.EVENT [FETCHARGS]

> ENAME - Name of the new event in GNAME, mandatory.
> SYSTEM - Name of the system, where the tracepoint is defined, mandatory.
> EVENT - Name of the tracepoint event in SYSTEM, mandatory.
> FETCHARGS - Arguments:
> <name>=$<field>[:TYPE] - Fetch given filed of the tracepoint and print
> it as given TYPE with given name. Supported
> types are:
> (u8/u16/u32/u64/s8/s16/s32/s64), basic type
> (x8/x16/x32/x64), hexadecimal types
> "string", "ustring" and bitfield.
>
> Example, attach an event probe on openat system call and print name of the
> file that will be opened:
> echo "e:esys/eopen syscalls.sys_enter_openat file=\$filename:string" >> dynamic_events
> A new dynamic event is created in events/esys/eopen/ directory. It
> can be deleted with:
> echo "-:esys/eopen" >> dynamic_events
>
> Filters, triggers and histograms can be attached to the new event, it can
> be matched in synthetic events. There is one limitation - no synthetic
> events can be attached to an event probe.

I'm not sure what the "no synthetic events can be attached to an event probe"
means.
Can you show an example command what this means?

>
> Co-developed-by: Steven Rostedt (VMware) <rostedt@xxxxxxxxxxx>
> Signed-off-by: Tzvetomir Stoyanov (VMware) <tz.stoyanov@xxxxxxxxx>
> ---
> Subject of the patch is still related to kprobe, though the design no
> more depends on kprobe. I did not change it for consistency with the
> first patch version.

OK, thanks for moving onto the dynevent. Let me check the code in another
mail.
Anyway, I think this is good starting point.

Thank you,

--
Masami Hiramatsu <mhiramat@xxxxxxxxxx>

Next message: Mark Brown: "Re: [PATCH] ASoC: rt5682: Properly turn off regulators if wrong device ID"
Previous message: Marc Zyngier: "Re: [PATCH V2] KVM: arm64: Restrict IPA size to maximum 48 bits on 4K and 16K page size"
In reply to: Tzvetomir Stoyanov (VMware): "[PATCH v4] [RFC] trace: Add kprobe on tracepoint"
Next in thread: Steven Rostedt: "Re: [PATCH v4] [RFC] trace: Add kprobe on tracepoint"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]