I have a case where the same function appears in different kernel modules, in /proc/kallsyms, something like,
address1 t function [module1] address2 t function [module2]
Both modules are loaded on same machine. Then I want to trace the function with ebpf.
bpftrace kprobe can't specify module name.
bpftrace -lv 'kprobe:function'
does list 2 probes, but if i run 'bpftrace -e 'kprobe:function {...}'
it only attaches 1 probe. Seems it only attaches the 1st one found...
looking at libbpf.c in bcc, the perf event open syscall seems only accepts function name as string, but not module name or address itself
In latest linux kernel src code, kprobe trace seems to have data structure to support both function name and address, as well as module, but the implementation doesn't not take module into account.
Actually, the Dtrace fbt probe has format provider:module:function, but bpftrace, which has very similar syntax to Dtrace, doesn't have module info in the kprobe/kretprobe provider.
Is it because bcc and kernel ebpf doesn't have module name support?
