From owner-freebsd-hackers@FreeBSD.ORG Sun Jun 12 20:01:02 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E429716A420; Sun, 12 Jun 2005 20:01:01 +0000 (GMT) (envelope-from creep@daedalus.desk.pl) Received: from daedalus.desk.pl (daedalus.desk.pl [62.233.238.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id D258143D48; Sun, 12 Jun 2005 20:01:00 +0000 (GMT) (envelope-from creep@daedalus.desk.pl) Received: from localhost (localhost [127.0.0.1]) by daedalus.desk.pl (Postfix) with ESMTP id C1F83366CFB; Sun, 12 Jun 2005 21:54:27 +0200 (CEST) Received: from daedalus.desk.pl ([127.0.0.1]) by localhost (daedalus [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 09871-01; Sun, 12 Jun 2005 21:54:26 +0200 (CEST) Received: by daedalus.desk.pl (Postfix, from userid 1023) id 71DF5366658; Sun, 12 Jun 2005 21:54:26 +0200 (CEST) Date: Sun, 12 Jun 2005 21:54:26 +0200 From: Marcin Koziej To: freebsd-hackers@freebsd.org, brooks@FreeBSD.org Message-ID: <20050612195426.GA5248@daedalus.desk.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Antivirus: Skaner Antywirusowy DESK.pl X-Mailman-Approved-At: Mon, 13 Jun 2005 11:52:14 +0000 Cc: Subject: Tracking FreeBSD performance over time - what hackers want? X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Jun 2005 20:01:02 -0000 Hello Hackers! I have an idea which could be used to track FreeBSD performance and regression testing. Please take a look and give Your opinion on how usefull that would be for the FreeBSD project. The basis for this system would be hijacking certain functions execution with injected code. Hijacker program runs target binary with LD_PRELOAD to inject some code (code doing statistics, tests, etc..) and installs redirections using ptrace (injecting jump instructions here and there). It then deattaches and the program runs almost as normal. (A little demo of how this might look later). This approach has its pros and cons: + no context switch to fire hijacking code + flexible - You can hijack any function that has a symbol. Hijacking PLT (done) and relocations in shared libraries (will be done) included. + transparent - there needs to be no modiffication in target binary; hackers don't own all the hardware. It's hard to ask people with interesting equipement to recompile their binaries with profiling options. This would allow them to measure performance without changing their system. + small performance impact - put code only in places You want, and put there only the code which is needed there. (can be made O(1) unless You make it worse) - ABI / Architecture dependent - needs all the shared library mechanism to inject code (LD_PRELOAD) - needs symbols - writes the ro code pages on installing the redirections (negligible?) And here is the demo of poc code (not particulary usefull..but..) This hijack code has a static table indexed by read sizes in which we count how many times a read of this size was called. ------------------------------------ #include #include #define PROBES 400 #define QUANT 0x10 static int stats[PROBES]; static int max_read; // RV(type) gives return value of the code HIJACK(int, read, (int fd, char *buf, size_t size), /* before call*/ , /* after call*/ printf("read() = %d\n", RV(int)); if (max_read < RV(int)) max_read = RV(int); if ((RV(int) >=0) && (RV(int) < QUANT * PROBES)) { stats[RV(int) / QUANT]++; } ) HIJACK(int, main, (), printf("hello hijacking!\n"); , ) HIJACK(int, exit, (), int i; for (i=0; i