Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pmu uprobes are broken #292

Closed
lmb opened this issue Apr 22, 2021 · 1 comment · Fixed by #296
Closed

pmu uprobes are broken #292

lmb opened this issue Apr 22, 2021 · 1 comment · Fixed by #296
Assignees
@mmat11
Labels
bug Something isn't working

Comments

@lmb
Copy link
Collaborator

lmb commented Apr 22, 2021

@ti-mo @lmb FYI pmu uprobes are broken; they were working before doing some refactoring. I suppose it's the offset not being passed correctly to perf_event_open:

$ sudo bpftool perf
pid 1056229  fd 3: prog_id 712  uretprobe  filename /bin/bash  offset 0

I am continuing to debug.

PS. currently I believe there aren't "e2e" tests, are these planned?

Originally posted by @mmat11 in #280 (comment)
@lmb lmb added the bug Something isn't working label Apr 22, 2021
@mmat11 mmat11 mentioned this issue Apr 22, 2021
Merged
@ti-mo ti-mo mentioned this issue Apr 26, 2021
Closed
@ti-mo
Copy link
Collaborator

ti-mo commented Apr 27, 2021
edited
Loading

@ungureanuvladvictor pointed me to the fact that the uprobe example works on Ubuntu's build of Bash (including 21.04), and I found that Ubuntu ships with a statically-linked version of readline. It looks like they vendor a version of readline in the Bash tree, but it can optionally be linked against libreadline.so:

~ objdump -T /bin/bash
00000000000ad900 g    DF .text  0000000000000088  Base        readline

On my system (Arch), readline is provided by libreadline.so:

λ  ~  objdump -T /bin/bash | grep readline
0000000000000000      DF *UND*	0000000000000000              readline
λ  ~  ldd /bin/bash
	libreadline.so.8 => /usr/lib/libreadline.so.8 (0x00007ffad7983000)

The 0 offset as parsed by debug/elf is correct, this symbol is to be provided by a library and still needs to be relocated. This means we'll either need to find or implement a dynamic linker in Go, and allow the caller to pass in their own offsets for now. Will close this with a PR to disable creating Uprobes from symbols from SHN_UNDEF with offset 0.

This was referenced Apr 27, 2021
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mmat11 mmat11

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

link: uprobe - mark shared library symbols as unsupported ti-mo/ebpf
3 participants
@lmb @ti-mo @mmat11