lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:	Thu, 11 Sep 2008 09:54:29 +0530
From:	Srinivasa DS <srinivasa@...ibm.com>
To:	Linux Kernel <linux-kernel@...r.kernel.org>,
	systemtap <systemtap@...rces.redhat.com>,
	Ananth Mavinakayanahalli <ananth@...ibm.com>,
	Maneesh Soni <maneesh@...ux.vnet.ibm.com>
Subject: [RFC] Some Interesting one liner systemtap scripts

I am listing out some interesting one line systemtap scripts which can be
of handy use for kernel developers. These scripts can be reused to probe other
functions by modifying the function name.

If you have ideas/suggestions to improve these or create more such one
liner scripts, please let me know.


1) Script to display the backtrace from a given kernel function.

stap  -e 'probe kernel.function("generic_make_request") { print_backtrace() }'


Output looks like:
   0xffffffff8030a614 : generic_make_request+0x1/0x345 [kernel]
   0xffffffff8030bc0e : submit_bio+0xc8/0xcf [kernel]
   0xffffffff802ace12 : submit_bh+0xdc/0xfc [kernel] )
   0xffffffff802ae7ea : __block_write_full_page+0x1c2/0x2b6 [kernel]
   0xffffffff802b209d : blkdev_get_block+0x0/0x46 [kernel]
   ......................................................

2) Script to display the backtrace from a given kernel function, without the help of debug information.

stap --kmap=/proc/kallsyms  -e 'probe kernel.function("generic_make_request") { print_backtrace() }'

Output looks like:
   0xffffffff8030a614 : generic_make_request+0x1/0x345 [kernel]
   0xffffffff8030bc0e : submit_bio+0xc8/0xcf [kernel]
   0xffffffff802ace12 : submit_bh+0xdc/0xfc [kernel] )
   0xffffffff802ae7ea : __block_write_full_page+0x1c2/0x2b6 [kernel]
   0xffffffff802b209d : blkdev_get_block+0x0/0x46 [kernel]
   ......................................................

3) Script to display parameters and local variables of a given kernel function

stap -e 'probe kernel.function("vfs_read") { printf("%s \n", $$vars)}'

Output looks like:
   file=0xffff81003b570300 buf=0x41afc0e0 count=0x20000 pos=0xffff810068095f50 ret=?
   file=0xffff81003b570300 buf=0x41afc0e0 count=0x20000 pos=0xffff810068095f50 ret=?

4) Script to display return value of a given kernel function

stap -e 'probe kernel.function("vfs_read").return { printf("ret=%x \n",$return ) }'

Output looks like:
   ret=189
   ret=10
   ret=8

5) Script to display local variable of given function at a given line number

stap  -e 'probe kernel.statement("__dentry_open@...open.c:772")  { printf("%s \n",$$locals) }'

Output looks like:
   inode=0xffff81007e0ff118 error=0x0
   inode=0xffff81007e0f3d18 error=0x0
   inode=0xffff81007e0f3d18 error=0x0
   inode=0xffff81007dc5ba18 error=0x0
   inode=0xffff81007d575418 error=0x0

6) Script to view how values of local variables varies in a given function

stap  -e 'probe kernel.statement("copy_strings@...exec.c:*")  { printf("%s %s \n",$$locals, pp()) }'

Output Looks like:
   kmapped_page=0xffffe200005faec0 kaddr=0xffff81001b568000 kpos=0x7fffffffe000 ret=?  kernel.statement("copy_strings@...exec.c:412")
   kmapped_page=0xffffe200005faec0 kaddr=0xffff81001b568000 kpos=0x7fffffffe000 ret=?  kernel.statement("copy_strings@...exec.c:418")
   kmapped_page=0xffffe200005faec0 kaddr=0xffff81001b568000 kpos=0x7fffffffe000 ret=?  kernel.statement("copy_strings@...exec.c:419")
   kmapped_page=0xffffe200005faec0 kaddr=0xffff81001b568000 kpos=0x7fffffffe000 ret=?  kernel.statement("copy_strings@...exec.c:420")
   kmapped_page=0xffffe200005faec0 kaddr=0xffff81001b568000 kpos=0x7fffffffe000 ret=?  kernel.statement("copy_strings@...exec.c:422")


Thanks
   Srinivasa DS


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists