0

I was trying to do some work in rwsem. I defined a function like this and called it in rwsem_optimistic_spin():

noinline void __bpf_hook_rwsem(struct rw_semaphore *sem, bool wlock, u64 delta) {
    pr_err("rwsem_trace, delta = %llu.", delta);
    if (delta >= 500000) {
        pr_err("rwsem_tle, delta = %llu.", delta);
        dump_stack();
        pr_err("rwsem_tle, stack dumping end.");
    }
}
EXPORT_SYMBOL_GPL(__bpf_hook_rwsem);

Then attached it to a BPF program with a script written in python:

#from __future__ import print_function
from bcc import BPF
from time import sleep
from subprocess import call
import signal

# signal handler
#def signal_ignore(signal_value, frame):
#    print()

# define BPF program
bpf_text = """
#include <uapi/linux/ptrace.h>
#include <linux/rwsem.h>
#include <linux/sched.h>

struct rwsem_info {
    u64 count;
    u64 delta;
    u64 pid;
    u64 tgid;
    char comm[16];
};

BPF_HASH(counts, u64, struct rwsem_info);

int trace_rwsem_log(struct pt_regs *ctx, struct rw_semaphore *sem, bool wlock, u64 delta)
{
    ...
    **bpf_trace_printk("trace_rwsem_log, hooked.");**
    ...

    return 0;
}
"""

# initialize BPF
b = BPF(text=bpf_text)
b.attach_kprobe(event="__bpf_hook_rwsem", fn_name="trace_rwsem_log")

interval = 2

# output
while 1:
    try:
        call("clear")
        print('Tracing... Output every %d secs. Hit Ctrl-C to end.' % interval)
        print(b["counts"].items())
        for i, j in b["counts"].items():
            print 'number: %u, info: %u' % (i.value, j.tgid)
        sleep(interval)
    except KeyboardInterrupt:
        print("Detaching...")
        exit()

No error detected when I ran the script. Everything worked fine except nothing was printed on the screen. __bpf_hook_rwsem is in /proc/kallsyms. I tried dmesg and pr_err() worked fine which means __bpf_hook_rwsem was called and ran properly. I also checked /sys/kernel/tracing/trace_pipe and cannot find "trace_rwsem_log, hooked." which means bpf_trace_printk didn't run.

I tried to hook the program to "rwsem_optimistic_spin()" which is an original function in rwsem.c. And I get all the logs expected to be shown. Did I do anything wrong? Why did I failed attaching the BFP program to the function I defined?

peibo zhang
  • 1

0 Answers0