On 01/19/2010 07:47 PM, Jim Keniston wrote:
This is still with a kernel entry, yes?
Yes, this involves setting a breakpoint and trapping into the kernel
when it's hit. The 6-7x figure is with the current 2-trap approach
(breakpoint, single-step). Boosting could presumably make that more
like 12-14x.
A trap is IIRC ~1000 cycles, we can reduce this to ~50 (totally
negligible from the executed code's point of view).
Do you have plans for a variant
that's completely in userspace?
I don't know of any such plans, but I'd be interested to read more of
your thoughts here. As I understand it, you've suggested replacing the
probed instruction with a jump into an instrumentation vma (the XOL
area, or something similar). Masami has demonstrated -- through his
djprobes enhancement to kprobes -- that this can be done for many x86
instructions.
What does the code in the jumped-to vma do?
1. Write a trace entry into shared memory, trap into the kernel on overflow.
2. Trap if a condition is satisfied (fast watchpoint implementation).
Is the instrumentation code
that corresponds to the uprobe handlers encoded in an ad hoc .so?
Looks like a good idea, but it doesn't matter much to me.
--
error compiling committee.c: too many arguments to function