lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <02930c55-6423-4db4-b6f3-b783c572c121@intel.com>
Date: Mon, 22 Jul 2024 16:15:56 +0300
From: Adrian Hunter <adrian.hunter@...el.com>
To: duchangbin <changbin.du@...wei.com>
Cc: Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...hat.com>,
 Arnaldo Carvalho de Melo <acme@...nel.org>,
 Namhyung Kim <namhyung@...nel.org>, Nathan Chancellor <nathan@...nel.org>,
 Mark Rutland <mark.rutland@....com>,
 Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
 Jiri Olsa <jolsa@...nel.org>, Ian Rogers <irogers@...gle.com>,
 "Liang, Kan" <kan.liang@...ux.intel.com>,
 Nick Desaulniers <ndesaulniers@...gle.com>, Bill Wendling
 <morbo@...gle.com>, Justin Stitt <justinstitt@...gle.com>,
 "linux-perf-users@...r.kernel.org" <linux-perf-users@...r.kernel.org>,
 "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
 "llvm@...ts.linux.dev" <llvm@...ts.linux.dev>,
 "Wanghui (OS Kernel Lab, Beijing)" <hw.huiwang@...wei.com>
Subject: Re: [PATCH v5 1/8] perf: support specify vdso path in cmdline

On 22/07/24 15:19, duchangbin wrote:
> On Thu, Jul 18, 2024 at 08:02:16PM +0300, Adrian Hunter wrote:
>> On 2/07/24 07:18, Changbin Du wrote:
>>> The vdso dumped from process memory (in buildid-cache) lacks debugging
>>> info. To annotate vdso symbols with source lines we need specify a
>>> debugging version.
>>>
>>> For x86, we can find them from your local build as
>>> arch/x86/entry/vdso/vdso{32,64}.so.dbg. Or they may reside in
>>> /lib/modules/<version>/vdso/vdso{32,64}.so on Ubuntu. But notice that
>>> the buildid has to match.
>>>
>>> $ sudo perf record -a
>>> $ sudo perf report --objdump=llvm-objdump \
>>>   --vdso arch/x86/entry/vdso/vdso64.so.dbg,arch/x86/entry/vdso/vdso32.so.dbg
>>>
>>> Samples: 17K of event 'cycles:P', 4000 Hz, Event count (approx.): 1760
>>> __vdso_clock_gettime  /work/linux-host/arch/x86/entry/vdso/vdso64.so.d
>>> Percent│       movq    -48(%rbp),%rsi
>>>        │       testq   %rax,%rax
>>>        │     ;               return vread_hvclock();
>>>        │       movq    %rax,%rdx
>>>        │     ;               if (unlikely(!vdso_cycles_ok(cycles)))
>>>        │     ↑ js      eb
>>>        │     ↑ jmp     74
>>>        │     ;               ts->tv_sec = vdso_ts->sec;
>>>   0.02 │147:   leaq    2(%rbx),%rax
>>>        │       shlq    $4, %rax
>>>        │       addq    %r10,%rax
>>>        │     ;               while ((seq = READ_ONCE(vd->seq)) & 1) {
>>>   9.38 │152:   movl    (%r10),%ecx
>>>
>>> When doing cross platform analysis, we also need specify the vdso path if
>>> we are interested in its symbols.
>>>
>>
>> Just realized this is about objdump.  Sorry for not getting that
>> earlier.
>>
>> Like perf tools, objdump follows the paradigm of attempting to
>> locate and use debug info transparently.  However, objdump looks
>> at the installed debug info in /usr/lib/debug/.build-id/
>>
>> For example, if the debug file is copied (or linked) there, then
>> objdump or llvm-objdump will find it:
>>
>> $ llvm-objdump-18 -dS ~/.debug/\[vdso\]/cf702469f4637840fd6ba1a8d8a628ff83253d04/vdso | head -20
>>
>> ~/.debug/[vdso]/cf702469f4637840fd6ba1a8d8a628ff83253d04/vdso:      file format elf64-x86-64
>>
>> Disassembly of section .text:
>>
>> 00000000000006d0 <.text>:
>>     6d0: 48 8d 3d 29 d9 ff ff          leaq    -0x26d7(%rip), %rdi     # 0xffffffffffffe000
>>     6d7: eb 19                         jmp     0x6f2 <.text+0x22>
>>     6d9: 4c 8b 0d 28 d9 ff ff          movq    -0x26d8(%rip), %r9      # 0xffffffffffffe008
>>     6e0: 4c 8b 05 29 d9 ff ff          movq    -0x26d7(%rip), %r8      # 0xffffffffffffe010
>>     6e7: 0f 01 f9                      rdtscp
>>     6ea: 66 90                         nop
>>     6ec: 8b 0f                         movl    (%rdi), %ecx
>>     6ee: 39 ce                         cmpl    %ecx, %esi
>>     6f0: 74 0e                         je      0x700 <.text+0x30>
>>     6f2: 8b 37                         movl    (%rdi), %esi
>>     6f4: 85 f6                         testl   %esi, %esi
>>     6f6: 75 e1                         jne     0x6d9 <.text+0x9>
>>     6f8: 48 c7 c0 ff ff ff ff          movq    $-0x1, %rax
>>     6ff: c3                            retq
>> $ sudo ln -s /lib/modules/6.9.2-local/build/arch/x86/entry/vdso/vdso64.so.dbg /usr/lib/debug/.build-id/cf/702469f4637840fd6ba1a8d8a628ff83253d04.debug
>> $ llvm-objdump-18 -dS ~/.debug/\[vdso\]/cf702469f4637840fd6ba1a8d8a628ff83253d04/vdso | head -20                                                       
>>
>> ~/.debug/[vdso]/cf702469f4637840fd6ba1a8d8a628ff83253d04/vdso:      file format elf64-x86-64
>>
>> Disassembly of section .text:
>>
>> 00000000000006d0 <vread_hvclock>:
>> ; hv_read_tsc_page_tsc(const struct ms_hyperv_tsc_page *tsc_pg,
>>     6d0: 48 8d 3d 29 d9 ff ff          leaq    -0x26d7(%rip), %rdi     # 0xffffffffffffe000 <hvclock_page>
>>     6d7: eb 19                         jmp     0x6f2 <vread_hvclock+0x22>
>> ;               scale = READ_ONCE(tsc_pg->tsc_scale);
>>     6d9: 4c 8b 0d 28 d9 ff ff          movq    -0x26d8(%rip), %r9      # 0xffffffffffffe008 <hvclock_page+0x8>
>> ;               offset = READ_ONCE(tsc_pg->tsc_offset);
>>     6e0: 4c 8b 05 29 d9 ff ff          movq    -0x26d7(%rip), %r8      # 0xffffffffffffe010 <hvclock_page+0x10>
>> ;       asm volatile(ALTERNATIVE_2("rdtsc",
>>     6e7: 0f 31                         rdtsc
>>     6e9: 90                            nop
>>     6ea: 90                            nop
>>     6eb: 90                            nop
>> ;       } while (READ_ONCE(tsc_pg->tsc_sequence) != sequence);
>>     6ec: 8b 0f                         movl    (%rdi), %ecx
>> $
>>
>> Would that solve your problem?
>>
>> Notably, later versions of llvm-objdump have an option
>> --debug-file-directory which makes it possible to
>> have the debug info in a directory owned by the user,
>> for example:
>>
>> $ sudo rm /usr/lib/debug/.build-id/cf/702469f4637840fd6ba1a8d8a628ff83253d04.debug
>> $ llvm-objdump-18 -dS ~/.debug/\[vdso\]/cf702469f4637840fd6ba1a8d8a628ff83253d04/vdso | head -20
>>
>> ~/.debug/[vdso]/cf702469f4637840fd6ba1a8d8a628ff83253d04/vdso:      file format elf64-x86-64
>>
>> Disassembly of section .text:
>>
>> 00000000000006d0 <.text>:
>>     6d0: 48 8d 3d 29 d9 ff ff          leaq    -0x26d7(%rip), %rdi     # 0xffffffffffffe000
>>     6d7: eb 19                         jmp     0x6f2 <.text+0x22>
>>     6d9: 4c 8b 0d 28 d9 ff ff          movq    -0x26d8(%rip), %r9      # 0xffffffffffffe008
>>     6e0: 4c 8b 05 29 d9 ff ff          movq    -0x26d7(%rip), %r8      # 0xffffffffffffe010
>>     6e7: 0f 01 f9                      rdtscp
>>     6ea: 66 90                         nop
>>     6ec: 8b 0f                         movl    (%rdi), %ecx
>>     6ee: 39 ce                         cmpl    %ecx, %esi
>>     6f0: 74 0e                         je      0x700 <.text+0x30>
>>     6f2: 8b 37                         movl    (%rdi), %esi
>>     6f4: 85 f6                         testl   %esi, %esi
>>     6f6: 75 e1                         jne     0x6d9 <.text+0x9>
>>     6f8: 48 c7 c0 ff ff ff ff          movq    $-0x1, %rax
>>     6ff: c3                            retq
>> $ mkdir -p /tmp/debug/.build-id/cf/
>> $ ln -s /lib/modules/6.9.2-local/build/arch/x86/entry/vdso/vdso64.so.dbg /tmp/debug/.build-id/cf/702469f4637840fd6ba1a8d8a628ff83253d04.debug        
>> $ llvm-objdump-18 --debug-file-directory /tmp/debug -dS ~/.debug/\[vdso\]/cf702469f4637840fd6ba1a8d8a628ff83253d04/vdso | head -20
>>
>> ~/.debug/[vdso]/cf702469f4637840fd6ba1a8d8a628ff83253d04/vdso:      file format elf64-x86-64
>>
>> Disassembly of section .text:
>>
>> 00000000000006d0 <vread_hvclock>:
>> ; hv_read_tsc_page_tsc(const struct ms_hyperv_tsc_page *tsc_pg,
>>     6d0: 48 8d 3d 29 d9 ff ff          leaq    -0x26d7(%rip), %rdi     # 0xffffffffffffe000 <hvclock_page>
>>     6d7: eb 19                         jmp     0x6f2 <vread_hvclock+0x22>
>> ;               scale = READ_ONCE(tsc_pg->tsc_scale);
>>     6d9: 4c 8b 0d 28 d9 ff ff          movq    -0x26d8(%rip), %r9      # 0xffffffffffffe008 <hvclock_page+0x8>
>> ;               offset = READ_ONCE(tsc_pg->tsc_offset);
>>     6e0: 4c 8b 05 29 d9 ff ff          movq    -0x26d7(%rip), %r8      # 0xffffffffffffe010 <hvclock_page+0x10>
>> ;       asm volatile(ALTERNATIVE_2("rdtsc",
>>     6e7: 0f 31                         rdtsc
>>     6e9: 90                            nop
>>     6ea: 90                            nop
>>     6eb: 90                            nop
>> ;       } while (READ_ONCE(tsc_pg->tsc_sequence) != sequence);
>>     6ec: 8b 0f                         movl    (%rdi), %ecx
>> $
>>
> Yes, not only llvm-objdump. I can see other tools also can handle this and even
> can download from online by Debuginfod.
>   - perf can search debugging info there if HAVE_DEBUGINFOD_SUPPORT.
>   - gdb can search debugging info there and download via Debuginfod if not exist.
> 
> While above requires debugging files are placed correctly in
> /usr/lib/debug/.build-id/. For vdso mostly you need to copy it manully.
> 
> The target of this series is to handle it transparently, espacially for locally
> built kernels.

Passing the file name to perf tool doesn't seem transparent.

For locally built kernels, maybe there should be a make target for it.
There seems to be "vdso_install" for the stripped binary.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ