| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Aug 2009 13:12:48 -0400 From: Masami Hiramatsu <mhiramat@...hat.com> To: Frederic Weisbecker <fweisbec@...il.com> CC: Ingo Molnar <mingo@...e.hu>, LKML <linux-kernel@...r.kernel.org>, Lai Jiangshan <laijs@...fujitsu.com>, Steven Rostedt <rostedt@...dmis.org>, Peter Zijlstra <peterz@...radead.org>, Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca>, Jiaying Zhang <jiayingz@...gle.com>, Martin Bligh <mbligh@...gle.com>, Li Zefan <lizf@...fujitsu.com>, Jason Baron <jbaron@...hat.com> Subject: Re: [PATCH 15/16] tracing: Add fields format definition for syscall events Frederic Weisbecker wrote: > Define the format of the syscall trace fields to parse the binary > values from a raw trace using the syscall events "format" file. > > This is defined dynamically using the syscalls metadata. > It prepares the export of syscall event raw records to perf > counters. > > Example: > > $ cat /debug/tracing/events/syscalls/sys_enter_sched_getparam/format > name: sys_enter_sched_getparam > ID: 39 > format: > field:unsigned short common_type; offset:0; size:2; > field:unsigned char common_flags; offset:2; size:1; > field:unsigned char common_preempt_count; offset:3; size:1; > field:int common_pid; offset:4; size:4; > field:int common_tgid; offset:8; size:4; > > field:pid_t pid; offset:12; size:8; > field:struct sched_param * param; offset:20; size:8; > > print fmt: "pid: 0x%08lx, param: 0x%08lx", ((unsigned long)(REC->pid)), ((unsigned long)(REC->param)) Hi Frederic, I've found that the formats of some syscall events were too big. --- $ for i in sys_enter* ;do grep name $i/format > /dev/null || echo $i has broken format. ; done sys_enter_getegid has broken format. sys_enter_geteuid has broken format. sys_enter_getgid has broken format. sys_enter_getpgrp has broken format. sys_enter_getpid has broken format. sys_enter_getppid has broken format. sys_enter_gettid has broken format. sys_enter_getuid has broken format. sys_enter_inotify_init has broken format. sys_enter_munlockall has broken format. sys_enter_pause has broken format. sys_enter_restart_syscall has broken format. sys_enter_sched_yield has broken format. sys_enter_setsid has broken format. sys_enter_sync has broken format. sys_enter_vhangup has broken format. $ cat sys_enter_getegid/format FORMAT TOO BIG --- And it causes an error on ./perf trace. --- $ ./perf record -R -e syscalls:sys_enter_read -a -f cat libperf.a > /dev/null $ ./perf trace Fatal: Error: expected 'name' but read 'FORMAT' version = 0.5 --- Thank you, -- Masami Hiramatsu Software Engineer Hitachi Computer Products (America), Inc. Software Solutions Division e-mail: mhiramat@...hat.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists