On Fri, 2010-01-29 at 08:42 +0100, Ingo Molnar wrote:
* Ananth N Mavinakayanahalli ana...@in.ibm.com wrote:
On Thu, Jan 28, 2010 at 09:55:02AM +0100, Ingo Molnar wrote:
...
Lets compare the two cases via a drawing. Your current uprobes submission
does:
[kernel] do probe thing single-step trap
^| ^ |
|v | v
[user] INT3XOL-ins next ins-stream
( add the need for serialization to make sure the whole single-step
thing
does not get out of sync with reality. )
And emulator approach would do:
[kernel] emul-demux-fastpath, do probe thing
^ |
| v
[user] INT3 next ins-stream
far simpler conceptually, and faster as well, because it's one kernel
entry.
Ingo,
Yes, conceptually, emulation is simpler. In fact, it may even be the
right thing to do from a housekeeping POV if gdb were enabled to use
breakpoint assistance in the kernel. However... emulation is not
easy. Just quoting Peter Anvin:
On the more general rule of interpretation: I'm really concerned about
having a bunch of partially-capable x86 interpreters all over the
kernel. x86 is *hard* to emulate, and it will only get harder as the
architecture evolves.
-hpa
This is obviously true for a full emulator. Except for the fact that:
Yes, I know you suggested we start with a small subset.
and for the fact that we already have emulators in the kernel.
But this would be emulating userspace instructions, correct?
The kernel is limited to what instructions it can perform, no floating
point for example (of course there are some exceptions). But generally,
the instructions in the kernel should be easier to emulate than in
userspace. Userspace is free to do any wacky thing it wants. Will this
limit the ability to probe apps that take advantage of some strange op
code that the user knows is available on their platform?
-- Steve
Plus we _already_ need to decode instructions for safe kprobing and have the
code for that upstream. So it's not like we can avoid decoding the
instructions. (and emulating certain instruction patterns is really just a
natural next step of a good decoder.)