-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve ProcSyms module path handling #4319
Improve ProcSyms module path handling #4319
Conversation
The CI still failed. |
3dd8932
to
efdb9d6
Compare
Looking at failing Python |
Besides loading modules from /proc/<pid>/root/<path>, open /proc/<pid>/root in advance with open(..., O_PATH) first, then use openat to read the module file in case /proc/<pid>/root/<path> cannot be accessed. This enables the module file to be read even if <pid> is not running. A class named ModulePath is added, which does the openat call and manages the returned file descriptor, enabling functions expecting a path to use /proc/self/fd/... as the path to the module. This approach has a few limitations. Code using the module path for something different than open (e.g. debug info in .debug file or perf map detection) does not work with the /proc/self/fd/... path, and the accessibility check of /proc/<pid>/root/<path> is prone to a race condition.
efdb9d6
to
f6bdaba
Compare
There is too much functionality which breaks after substituting |
Sorry for the delayed review. In general I think this At Meta we have a profiling daemon that splits its execution into a few conceptual phases:
We had a similar issue with symbolicating exited process' stacks in the past, as we were trying to grab I'm mentioning this all because I'm not aware of any similar 'discovery' phase in tools using |
lenticularis39/bpftrace@4f07cc1, a part of a bpftrace PR I referenced this one from earlier, does a similar thing. In bpftrace, BPF code is not separated from userspace code, hence the "discovery phase" is triggered by symbol resolution being used in the code; perhaps in BCC it could be a function called by the user with a way to specify for which processes the symcache should be created. |
Cool, sounds like we're on the same page. Since you have a concrete usecase already, I think this can be merged w/o waiting for implementation of 'discovery' phase in normal BCC framework |
Note: test for ASLR enabled is disabled because of race condition, see iovisor/bcc#4319.
Note: test for ASLR enabled is disabled because of race condition, see iovisor/bcc#4319.
Note: test for ASLR enabled is disabled because of race condition, see iovisor/bcc#4319.
Note: test for ASLR enabled is disabled because of race condition, see iovisor/bcc#4319.
Note: test for ASLR enabled is disabled because of race condition, see iovisor/bcc#4319.
Note: test for ASLR enabled is disabled because of race condition, see iovisor/bcc#4319.
Note: test for ASLR enabled is disabled because of race condition, see iovisor/bcc#4319.
Another, better attempt at implementing loading symbols from exited processes, following cc44177. Unlike the previous one, this one should respect mount namespaces. I tried opening a file inside a container-specific tmpfs and it worked using the approach described below.
TODO list:
Instead of loading modules from /proc/<pid>/root/, open /proc/<pid>/root in advance with open(..., O_PATH) first, then use openat to read the module file. This enables the module file to be read even if <pid> is not running.
A class named ModulePath is added, which does the openat call and manages the returned file descriptor, enabling functions expecting a path to use /proc/self/fd/... as the path to the module.
Edit: prepend backslash to < and > symbols to fix display on GitHub