bpftrace error
Closed this issue · 4 comments
Hello. I built bpftrace using build_scripts_for_android, but I found that the str() function could not be used. For example:
#!/data/local/tmp/bpftools-arm64-0.0.1/bpftrace
#include <linux/mm.h>
#include <linux/fs.h>
// Counts handle_mm_fault() calls per file name, keyed by the dentry name of
// the file backing the faulting VMA.
// NOTE(review): the AST/IR dump further down this page shows
// printf("%s", str($file)) instead of the map update here, so the log was
// presumably captured from a slightly different revision of this script;
// the rejected helper call is the same in both.
kprobe:handle_mm_fault
{
// NOTE(review): assumes arg0 is the struct vm_area_struct * on this kernel;
// confirm against the handle_mm_fault() signature of the running kernel.
$vma = (struct vm_area_struct *)arg0;
// Each pointer hop in this chain is a separate kernel-memory read; they
// appear as the three `call 4` (probe_read) instructions in the verifier log.
// NOTE(review): vm_file is presumably NULL for anonymous mappings, so the
// chain may start from a null pointer for those faults; confirm, and
// consider filtering them out.
$file = $vma->vm_file->f_path.dentry->d_name.name;
// str() is emitted as BPF helper 45 (probe_read_str in the IR dump). A kernel
// that does not provide that helper rejects the whole program at load time
// with "unknown func 45", which is the failure reported here.
@[str($file)] = count();
}
This error occurred when running it:
255|blueline:/data/local/tmp/bpftools-arm64-0.0.1 # ./pagefault.bt -v
Attaching 1 probe...
Error log:
0: (79) r3 = *(u64 *)(r1 +112)
1: (07) r3 += 160
2: (bf) r1 = r10
3: (07) r1 += -72
4: (b7) r2 = 8
5: (85) call 4
6: (79) r3 = *(u64 *)(r10 -72)
7: (07) r3 += 24
8: (bf) r1 = r10
9: (07) r1 += -72
10: (b7) r2 = 8
11: (85) call 4
12: (79) r3 = *(u64 *)(r10 -72)
13: (07) r3 += 40
14: (bf) r1 = r10
15: (07) r1 += -72
16: (b7) r2 = 8
17: (85) call 4
18: (79) r3 = *(u64 *)(r10 -72)
19: (b7) r1 = 0
20: (7b) *(u64 *)(r10 -16) = r1
21: (7b) *(u64 *)(r10 -24) = r1
22: (7b) *(u64 *)(r10 -32) = r1
23: (7b) *(u64 *)(r10 -40) = r1
24: (7b) *(u64 *)(r10 -48) = r1
25: (7b) *(u64 *)(r10 -56) = r1
26: (7b) *(u64 *)(r10 -64) = r1
27: (7b) *(u64 *)(r10 -72) = r1
28: (bf) r6 = r10
29: (07) r6 += -72
30: (bf) r1 = r6
31: (b7) r2 = 64
32: (85) call 45
unknown func 45
Error loading program: kprobe:handle_mm_fault
#include <linux/mm.h>
#include <linux/fs.h>
Program
kprobe:handle_mm_fault
=
variable: $vma
(struct vm_area_struct*)
builtin: arg0
=
variable: $file
.
.
dereference
.
.
dereference
.
dereference
variable: $vma
vm_file
f_path
dentry
d_name
name
call: printf
string: %s
call: str
variable: $file
; ModuleID = 'bpftrace'
source_filename = "bpftrace"
target datalayout = "e-m:e-p:64:64-i64:64-n32:64-S128"
target triple = "bpf-pc-linux"
%printf_t = type { i64, [64 x i8] }
; Function Attrs: nounwind
declare i64 @llvm.bpf.pseudo(i64, i64) #0
; Function Attrs: argmemonly nounwind
declare void @llvm.lifetime.start.p0i8(i64, i8* nocapture) #1
define i64 @"kprobe:handle_mm_fault"(i8*) local_unnamed_addr section "s_kprobe:handle_mm_fault_1" {
entry:
%str = alloca [64 x i8], align 1
%printf_args = alloca %printf_t, align 8
%"struct qstr.name" = alloca i64, align 8
%"struct path.dentry" = alloca i64, align 8
%"struct vm_area_struct.vm_file" = alloca i64, align 8
%1 = getelementptr i8, i8* %0, i64 112
%arg0 = load i64, i8* %1, align 8
%2 = add i64 %arg0, 160
%3 = bitcast i64* %"struct vm_area_struct.vm_file" to i8*
call void @llvm.lifetime.start.p0i8(i64 -1, i8* nonnull %3)
%probe_read = call i64 inttoptr (i64 4 to i64 (i8*, i64, i8*)*)(i64* nonnull %"struct vm_area_struct.vm_file", i64 8, i64 %2)
%4 = load i64, i64* %"struct vm_area_struct.vm_file", align 8
call void @llvm.lifetime.end.p0i8(i64 -1, i8* nonnull %3)
%5 = add i64 %4, 24
%6 = bitcast i64* %"struct path.dentry" to i8*
call void @llvm.lifetime.start.p0i8(i64 -1, i8* nonnull %6)
%probe_read1 = call i64 inttoptr (i64 4 to i64 (i8*, i64, i8*)*)(i64* nonnull %"struct path.dentry", i64 8, i64 %5)
%7 = load i64, i64* %"struct path.dentry", align 8
call void @llvm.lifetime.end.p0i8(i64 -1, i8* nonnull %6)
%8 = add i64 %7, 40
%9 = bitcast i64* %"struct qstr.name" to i8*
call void @llvm.lifetime.start.p0i8(i64 -1, i8* nonnull %9)
%probe_read2 = call i64 inttoptr (i64 4 to i64 (i8*, i64, i8*)*)(i64* nonnull %"struct qstr.name", i64 8, i64 %8)
%10 = load i64, i64* %"struct qstr.name", align 8
call void @llvm.lifetime.end.p0i8(i64 -1, i8* nonnull %9)
%11 = bitcast %printf_t* %printf_args to i8*
call void @llvm.lifetime.start.p0i8(i64 -1, i8* nonnull %11)
%12 = getelementptr inbounds [64 x i8], [64 x i8]* %str, i64 0, i64 0
%13 = bitcast %printf_t* %printf_args to i8*
call void @llvm.memset.p0i8.i64(i8* nonnull align 8 %13, i8 0, i64 72, i1 false)
call void @llvm.lifetime.start.p0i8(i64 -1, i8* nonnull %12)
call void @llvm.memset.p0i8.i64(i8* nonnull align 1 %12, i8 0, i64 64, i1 false)
%probe_read_str = call i64 inttoptr (i64 45 to i64 (i8*, i64, i8*)*)([64 x i8]* nonnull %str, i64 64, i64 %10)
%14 = getelementptr inbounds %printf_t, %printf_t* %printf_args, i64 0, i32 1, i64 0
call void @llvm.memcpy.p0i8.p0i8.i64(i8* nonnull align 8 %14, i8* nonnull align 1 %12, i64 64, i1 false)
call void @llvm.lifetime.end.p0i8(i64 -1, i8* nonnull %12)
call void @llvm.lifetime.end.p0i8(i64 -1, i8* nonnull %12)
%pseudo = call i64 @llvm.bpf.pseudo(i64 1, i64 1)
%get_cpu_id = call i64 inttoptr (i64 8 to i64 ()*)()
%perf_event_output = call i64 inttoptr (i64 25 to i64 (i8*, i64, i64, %printf_t*, i64)*)(i8* %0, i64 %pseudo, i64 %get_cpu_id, %printf_t* nonnull %printf_args, i64 72)
call void @llvm.lifetime.end.p0i8(i64 -1, i8* nonnull %11)
ret i64 0
}
; Function Attrs: argmemonly nounwind
declare void @llvm.lifetime.end.p0i8(i64, i8* nocapture) #1
; Function Attrs: argmemonly nounwind
declare void @llvm.memset.p0i8.i64(i8* nocapture writeonly, i8, i64, i1) #1
; Function Attrs: argmemonly nounwind
declare void @llvm.memcpy.p0i8.p0i8.i64(i8* nocapture writeonly, i8* nocapture readonly, i64, i1) #1
attributes #0 = { nounwind }
attributes #1 = { argmemonly nounwind }
Kernel Version:
Linux version 4.9.200-dirty_audio (liyan@ci14) (Android (5484270 based on r353983c) clang version 9.0.3 (https://android.googlesource.com/toolchain/clang 745b335211bb9eadfa6aa6301f84715cee4b37c5) (https://android.googlesource.com/toolchain/llvm 60cf23e54e46c807513f7a36d0a7b777920b5881) (based on LLVM 9.0.3svn)) #0 SMP PREEMPT Mon May 11 16:01:49 CST 2020
Android Version:
Android 10
Pixel 3
Android/aosp_blueline/blueline:10/QQ2A.200405.005/6254899:userdebug/test-keys
Thank you
Hi!
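The error message comes from the Linux kernel, not from bpftrace itself. The BPF verifier analyses the BPF bytecode that bpftrace loads into the kernel, and it rejects the program because helper function 45 (the one str() compiles to, shown as probe_read_str in the IR above) is not provided by that kernel version.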
The commit that adds the helper behind the str function is this one: torvalds/linux@a5e8c07. Unfortunately I don't have a kernel for Pixel 3 on my GitHub, so you'll need to prepare your own fork. For reference, I can point you to my Pixel 2 kernel, which has a bunch of other patches backported (such as arm64 uprobes, which was added in 4.14) to make bpftrace useful: https://github.com/michalgr/kernel_msm/commits/bpf_wahoo_defconfig.
Awesome! Thank you
@dodola: I just recalled that I do maintain a 4.9 kernel fork for Pixel 3a. It's probably a much better reference than the P2 one.