Skip to content

Symbolize from proc maps #12

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Symbolize from proc maps #12

wants to merge 4 commits into from

Conversation

@r1viollet
Copy link

@r1viollet r1viollet commented Jan 17, 2022
edited
Loading

  • When pid option is specified, check all binaries from proc maps.
  • Lazy symbolization
    Retrieve symbols when needed. Add a cache to check if symbols were loaded.

Authored by @nsavoire

@r1viollet
Allow to parse proc maps.
b57251b 
When pid option is specified, check all binaries from proc maps.
@r1viollet r1viollet marked this pull request as draft January 17, 2022 13:19
r1viollet and others added 3 commits January 17, 2022 14:22
@r1viollet
Add notes on proposed changes
2a6b074
@nsavoire
Change --binary to --executable and support optional path prefix for …
b9cb15e 
…binary patterns
@nsavoire
Symbolization improvements
2751690 
Symbolization is now done by lazily loading proc maps from pid when receiving a new stacktrace, locating the binary corresponding to the address and loading binary symbols.
@nsavoire
Copy link

nsavoire commented Jan 18, 2022
edited
Loading

Symbolization from /proc/%pid%/maps mostly works, but is not yet well integrated with the rest of the code.

Issues/ToDo:

  • Remove TracedBinary object, it looks like it is not needed anymore
  • User stack traces are printed as kernel stack traces (because TracedBinary is nil in StackTrace object), linked to the previous remark.
  • Uprobe requires either a binary path prefix in the pattern or a pid. if an excutable is given, we could imagine finding pids running with this executable.
  • If several pids are given, different funcIds might be created for the same binary / offset (one for each pid)
  • There are 2 different mechanisms for PID filtering:
    • target a specific PID with perf API (only possible for uprobes/perfevents): minimal impact on non-traced PIDs but newly created processes can't be traced easily
    • use an EBPF map inside EBPF program to determine is current PID is traced (for system wide traces such as kprobes/tracepoints and also checked for uprobes/perfevents): runtime impact on non-traced PIDs but newly created processes are automatically added by tracepoint_sched_sched_process_exec and traced
  • Current trigger for capturing user stack traces in kprobe/tracepoints/perf_events is filter_user_binary, not sure about this

@r1viollet r1viollet marked this pull request as ready for review January 19, 2022 08:39
@r1viollet r1viollet changed the title [WIP] Push upstream changes from research week Push upstream changes from research week Jan 19, 2022
@r1viollet
Copy link
Author

r1viollet commented Jan 19, 2022

@Gui774ume if you want to check out this PR. There are still some limitations, but I feel the mechanisms added are very interesting.

@r1viollet r1viollet changed the title Push upstream changes from research week Symbolize from proc maps Jan 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@r1viollet @nsavoire