Date: Thu, 8 Jul 2004 10:14:17 +0100 From: Steven Smith <sos22@cantab.net> To: freebsd-hackers@freebsd.org Cc: sos22@srcf.ucam.org Subject: Re: Article on Sun's DTrace Message-ID: <20040708091417.GA967@archibold.chu.cam.ac.uk> In-Reply-To: <20040706101140.T92636@bowser.eecs.harvard.edu> References: <20040706120130.3DF9816A57D@hub.freebsd.org> <20040706101140.T92636@bowser.eecs.harvard.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--cNdxnHkX5QqsyA0e Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable > - It has no impact on the system when it is not used. So you can > leave it in all the time, instead of having a debug kernel and > a production kernel. >=20 > [I don't know how they achieve the "no impact" but they claim > that they really mean "no", not just "negligible".] The primary mechanism seems to be modifying the kernel at run time to insert calls to the probe functions only where necessary. You have some magic provider code which crawls over the symbol table looking for functions, and then changes the prolog from push %ebp mov %esp, %ebp =2E.. or whatever into call probe_function =2E.. with probe_function then emulating the first few instructions of the annotated function before returning, to make up for having clobbered them when installing the probe. They give up on functions that don't have a frame pointer; one of the papers claimed this was less than 5% in the Solaris kernel on x86. Obviously, when the probe isn't active, you just have the normal function prolog, so the cost per-probe is zero. You still use up memory and other resources keeping all of the infrastructure loaded, though, so it isn't quite true to say that the cost is zero. It's also possible to put probes on the return instruction of the function. I'm not sure how they're actually finding that, though. There's also some dynamic linker jiggery pokery to allow kernel developers to put in explicit, static calls to probe functions in interesting places, and then have those changed into nops when the probe is not in use. These probes do have some per-probe cost, but it's very small. One of the really cool properties of the implemented system is that probes can be inserted almost anywhere, including in interrupt handlers or the middle of the scheduler. Arranging this was probably quite a large part of the design work. :) > It looks very nice. I wish I'd had it during my forays into the > FreeBSD kernel. Is it hopelessly solaris-specific? I don't know anything about the implementation, but none of the publically-documented bits that I've seen would be unimplementable under FreeBSD. It'd just be time consuming. Steven. --=20 One day, I'm going to get an Alice-bot to answer all my email for me, and see how long it takes people to notice. --cNdxnHkX5QqsyA0e Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFA7RBpO4S8/gLNrjcRAr6NAKCl8v8QIS9A+orx9uXqqrEULj3njwCeM6VT hTuKm2W39SxL+SWsWRmgMu0= =rhYM -----END PGP SIGNATURE----- --cNdxnHkX5QqsyA0e--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040708091417.GA967>