| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Aug 2009 19:37:35 +0200 From: Frederic Weisbecker <fweisbec@...il.com> To: Masami Hiramatsu <mhiramat@...hat.com> Cc: Ingo Molnar <mingo@...e.hu>, LKML <linux-kernel@...r.kernel.org>, Lai Jiangshan <laijs@...fujitsu.com>, Steven Rostedt <rostedt@...dmis.org>, Peter Zijlstra <peterz@...radead.org>, Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca>, Jiaying Zhang <jiayingz@...gle.com>, Martin Bligh <mbligh@...gle.com>, Li Zefan <lizf@...fujitsu.com>, Jason Baron <jbaron@...hat.com> Subject: Re: [PATCH 15/16] tracing: Add fields format definition for syscall events On Wed, Aug 19, 2009 at 01:12:48PM -0400, Masami Hiramatsu wrote: > Frederic Weisbecker wrote: > > Define the format of the syscall trace fields to parse the binary > > values from a raw trace using the syscall events "format" file. > > > > This is defined dynamically using the syscalls metadata. > > It prepares the export of syscall event raw records to perf > > counters. > > > > Example: > > > > $ cat /debug/tracing/events/syscalls/sys_enter_sched_getparam/format > > name: sys_enter_sched_getparam > > ID: 39 > > format: > > field:unsigned short common_type; offset:0; size:2; > > field:unsigned char common_flags; offset:2; size:1; > > field:unsigned char common_preempt_count; offset:3; size:1; > > field:int common_pid; offset:4; size:4; > > field:int common_tgid; offset:8; size:4; > > > > field:pid_t pid; offset:12; size:8; > > field:struct sched_param * param; offset:20; size:8; > > > > print fmt: "pid: 0x%08lx, param: 0x%08lx", ((unsigned long)(REC->pid)), ((unsigned long)(REC->param)) > > Hi Frederic, > > I've found that the formats of some syscall events were too big. > > --- > $ for i in sys_enter* ;do grep name $i/format > /dev/null || echo $i has broken format. ; done sys_enter_getegid has broken format. > sys_enter_geteuid has broken format. > sys_enter_getgid has broken format. > sys_enter_getpgrp has broken format. > sys_enter_getpid has broken format. > sys_enter_getppid has broken format. > sys_enter_gettid has broken format. > sys_enter_getuid has broken format. > sys_enter_inotify_init has broken format. > sys_enter_munlockall has broken format. > sys_enter_pause has broken format. > sys_enter_restart_syscall has broken format. > sys_enter_sched_yield has broken format. > sys_enter_setsid has broken format. > sys_enter_sync has broken format. > sys_enter_vhangup has broken format. > > $ cat sys_enter_getegid/format > FORMAT TOO BIG > --- > > And it causes an error on ./perf trace. > > --- > $ ./perf record -R -e syscalls:sys_enter_read -a -f cat libperf.a > /dev/null > > $ ./perf trace > Fatal: Error: expected 'name' but read 'FORMAT' > version = 0.5 > --- > > Thank you, Yeah, I have yet to fix this, that because syscalls that have no parameters raise a small bug in the return value of trace_seq_printf() while printing their format, returning 0 as if the buffer was full and lost some bits. However, It's possible that the last patches from Li fix this, since he did a total/better refactoring of the format definition for syscall events. I'll check this, Thanks! -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists